DescriptionThe DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- SUSE-SA:2008:033, published Fri, 11 Jul 2008 09:00:00 +0000
- SUSE-SA:2008:041, published Thu, 14 Aug 2008 18:00:00 +0000
- SUSE-SR:2008:017, published Fri, 29 Aug 2008 14:00:00 +0000
- TID7000912, published Mo 24. Nov 17:13:23 CET 2014
List of released packages
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|SUSE Linux Enterprise Desktop 11 GA||ruby||Released|
|SUSE Linux Enterprise SDK 11 GA||ruby||Released|
|SUSE Linux Enterprise Server 11 GA||ruby||Released|