CVE-2008-1447
Description
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka DNS Insufficient Socket Entropy Vulnerability or the Kaminsky bug.
Risk Information
Base Score
6.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS Score
Exploitation Probability
86.914
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update bind 9.2.9 to latest version | Windows |
| Vulnerabilities CVE-1999-0010,CVE-1999-0011,CVE-2006-0527,CVE-2008-1447 are affected in BIND 8 | Windows |
| Vulnerabilities CVE-2006-0527,CVE-2008-1447 are affected in BIND 4 | Windows |
| Vulnerabilities CVE-2008-1447,CVE-2009-4022,CVE-2010-0097,CVE-2011-1910 are affected in BIND 9.2.9 | Windows |
| (RHSA-2008:0533) Important: bind security update selinux-policy-2.4.6-137.1.el5_2.noarch.rpm | Linux |
| (RHSA-2008:0533) Important: bind security update selinux-policy-devel-2.4.6-137.1.el5_2.noarch.rpm | Linux |
| (RHSA-2008:0533) Important: bind security update selinux-policy-mls-2.4.6-137.1.el5_2.noarch.rpm | Linux |
| (RHSA-2008:0533) Important: bind security update selinux-policy-strict-2.4.6-137.1.el5_2.noarch.rpm | Linux |
| (RHSA-2008:0533) Important: bind security update selinux-policy-targeted-2.4.6-137.1.el5_2.noarch.rpm | Linux |
| Ruby update (ELSA-2023-7025) ruby-2.5.9-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Ruby update (ELSA-2023-7025) ruby-2.5.9-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Ruby-devel update (ELSA-2023-7025) ruby-devel-2.5.9-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Ruby-devel update (ELSA-2023-7025) ruby-devel-2.5.9-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Ruby-doc update (ELSA-2023-7025) ruby-doc-2.5.9-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Ruby-irb update (ELSA-2023-7025) ruby-irb-2.5.9-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Ruby-libs update (ELSA-2023-7025) ruby-libs-2.5.9-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Ruby-libs update (ELSA-2023-7025) ruby-libs-2.5.9-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-abrt update (ELSA-2023-7025) rubygem-abrt-0.3.0-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-abrt-doc update (ELSA-2023-7025) rubygem-abrt-doc-0.3.0-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2023-7025) rubygem-bigdecimal-1.3.4-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2023-7025) rubygem-bigdecimal-1.3.4-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-bson update (ELSA-2023-7025) rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-bson-doc update (ELSA-2023-7025) rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-bundler update (ELSA-2023-7025) rubygem-bundler-1.16.1-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-bundler-doc update (ELSA-2023-7025) rubygem-bundler-doc-1.16.1-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-did_you_mean update (ELSA-2023-7025) rubygem-did_you_mean-1.2.0-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-io-console update (ELSA-2023-7025) rubygem-io-console-0.4.6-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-io-console update (ELSA-2023-7025) rubygem-io-console-0.4.6-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-json update (ELSA-2023-7025) rubygem-json-2.1.0-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-json update (ELSA-2023-7025) rubygem-json-2.1.0-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-minitest update (ELSA-2023-7025) rubygem-minitest-5.10.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-mongo update (ELSA-2023-7025) rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-mongo-doc update (ELSA-2023-7025) rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-mysql2 update (ELSA-2023-7025) rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-mysql2-doc update (ELSA-2023-7025) rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-net-telnet update (ELSA-2023-7025) rubygem-net-telnet-0.1.1-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-openssl update (ELSA-2023-7025) rubygem-openssl-2.1.2-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-openssl update (ELSA-2023-7025) rubygem-openssl-2.1.2-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-pg update (ELSA-2023-7025) rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-pg-doc update (ELSA-2023-7025) rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-power_assert update (ELSA-2023-7025) rubygem-power_assert-1.1.1-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-psych update (ELSA-2023-7025) rubygem-psych-3.0.2-111.module+el8.9.0+90042+a65659a6.i686.rpm | Linux |
| Rubygem-psych update (ELSA-2023-7025) rubygem-psych-3.0.2-111.module+el8.9.0+90042+a65659a6.x86_64.rpm | Linux |
| Rubygem-rake update (ELSA-2023-7025) rubygem-rake-12.3.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-rdoc update (ELSA-2023-7025) rubygem-rdoc-6.0.1.1-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-test-unit update (ELSA-2023-7025) rubygem-test-unit-3.2.7-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-xmlrpc update (ELSA-2023-7025) rubygem-xmlrpc-0.3.0-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygems update (ELSA-2023-7025) rubygems-2.7.6.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygems-devel update (ELSA-2023-7025) rubygems-devel-2.7.6.3-111.module+el8.9.0+90042+a65659a6.noarch.rpm | Linux |
| Rubygem-json update (ELSA-2025-4063) rubygem-json-2.6.1-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-json update (ELSA-2025-4063) rubygem-json-2.6.1-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-irb update (ELSA-2025-4063) rubygem-irb-1.4.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-io-console update (ELSA-2025-4063) rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-io-console update (ELSA-2025-4063) rubygem-io-console-0.5.11-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-bundler update (ELSA-2025-4063) rubygem-bundler-2.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2025-4063) rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-bigdecimal update (ELSA-2025-4063) rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-abrt-doc update (ELSA-2025-4063) rubygem-abrt-doc-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygem-mysql2 update (ELSA-2025-4063) rubygem-mysql2-0.5.3-2.module+el8.7.0+20780+b11ff321.x86_64.rpm | Linux |
| Ruby-libs update (ELSA-2025-4063) ruby-libs-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby-libs update (ELSA-2025-4063) ruby-libs-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Ruby-doc update (ELSA-2025-4063) ruby-doc-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Ruby-devel update (ELSA-2025-4063) ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby-devel update (ELSA-2025-4063) ruby-devel-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Ruby-default-gems update (ELSA-2025-4063) ruby-default-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Ruby-bundled-gems update (ELSA-2025-4063) ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby-bundled-gems update (ELSA-2025-4063) ruby-bundled-gems-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Ruby update (ELSA-2025-4063) ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Ruby update (ELSA-2025-4063) ruby-3.1.7-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-abrt update (ELSA-2025-4063) rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygems-devel update (ELSA-2025-4063) rubygems-devel-3.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygems update (ELSA-2025-4063) rubygems-3.3.27-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-typeprof update (ELSA-2025-4063) rubygem-typeprof-0.21.3-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-test-unit update (ELSA-2025-4063) rubygem-test-unit-3.5.3-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rss update (ELSA-2025-4063) rubygem-rss-0.3.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rexml update (ELSA-2025-4063) rubygem-rexml-3.3.9-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rdoc update (ELSA-2025-4063) rubygem-rdoc-6.4.1.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-rbs update (ELSA-2025-4063) rubygem-rbs-2.7.0-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-rbs update (ELSA-2025-4063) rubygem-rbs-2.7.0-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-rake update (ELSA-2025-4063) rubygem-rake-13.0.6-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-psych update (ELSA-2025-4063) rubygem-psych-4.0.4-145.module+el8.10.0+90550+7d8a4a30.x86_64.rpm | Linux |
| Rubygem-psych update (ELSA-2025-4063) rubygem-psych-4.0.4-145.module+el8.10.0+90550+7d8a4a30.i686.rpm | Linux |
| Rubygem-power_assert update (ELSA-2025-4063) rubygem-power_assert-2.0.1-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Rubygem-pg-doc update (ELSA-2025-4063) rubygem-pg-doc-1.3.2-1.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygem-pg update (ELSA-2025-4063) rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.x86_64.rpm | Linux |
| Rubygem-mysql2-doc update (ELSA-2025-4063) rubygem-mysql2-doc-0.5.3-2.module+el8.7.0+20780+b11ff321.noarch.rpm | Linux |
| Rubygem-minitest update (ELSA-2025-4063) rubygem-minitest-5.15.0-145.module+el8.10.0+90550+7d8a4a30.noarch.rpm | Linux |
| Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks For Cisco IOS | NCM |
| Insufficient Entropy Vulnerability (CVE-2008-1447) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706090 | Security Update for Cisco IOS Amsterdam-17.2.1r |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234