FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Predictable query ids in named(8)

Affected packages
9.4 <= named < 9.4.1.1
9.3 <= named < 9.3.4.1
6.2 <= FreeBSD < 6.2_7
6.1 <= FreeBSD < 6.1_19
5.5 <= FreeBSD < 5.5_15

Details

VuXML ID 3de342fb-40be-11dc-aeac-02e0185f8d72
Discovery 2007-07-24
Entry 2007-08-02
Modified 2016-08-09

Problem Description:

When named(8) is operating as a recursive DNS server or sending NOTIFY requests to slave DNS servers, named(8) uses a predictable query id.

Impact:

An attacker who can see the query id for some request(s) sent by named(8) is likely to be able to perform DNS cache poisoning by predicting the query id for other request(s).

Workaround:

No workaround is available.

References

CVE Name CVE-2007-2926
FreeBSD Advisory SA-07:07.bind

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.