CVE - CVE - 2008 - 1447

CVE-ID
cve - 2008 - 1447	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
DNS协议,实现(1)绑定8和9 9.5.0-P1之前,9.4.2-P1, 9.3.5-P1;(2)微软在Windows 2000 SP4, DNS XP SP2和SP3,和服务器2003 SP1和SP2;和其他的实现允许远程攻击者恶搞DNS流量通过生日攻击使用in-bailiwick推荐针对递归解析器,进行缓存中毒相关不足的随机性DNS事务id和源端口,又名“DNS插座熵漏洞不足”或“Kaminsky bug”。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
AIXAPAR: IZ26667 URL: http://www.ibm.com/support/docview.wss?uid=isg1IZ26667 AIXAPAR: IZ26668 URL: http://www.ibm.com/support/docview.wss?uid=isg1IZ26668 AIXAPAR: IZ26669 URL: http://www.ibm.com/support/docview.wss?uid=isg1IZ26669 AIXAPAR: IZ26670 URL: http://www.ibm.com/support/docview.wss?uid=isg1IZ26670 AIXAPAR: IZ26671 URL: http://www.ibm.com/support/docview.wss?uid=isg1IZ26671 AIXAPAR: IZ26672 URL: http://www.ibm.com/support/docview.wss?uid=isg1IZ26672 苹果:苹果- sa - 2008 - 07 - 31所示 URL: http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html 苹果:苹果- sa - 2008 - 09 - 09年 URL: http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html 苹果:苹果- sa - 2008 - 09 - 12所示 URL: http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html 苹果:苹果- sa - 2008 - 09 - 15所示 URL: http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html 报价:30131 URL: http://www.securityfocus.com/bid/30131 BUGTRAQ: 20080808新论文图解指南Kaminsky DNS漏洞 URL: http://www.securityfocus.com/archive/1/495289/100/0/threaded BUGTRAQ: 20080830 vmsa - 2008 - 0014更新VMware工作站,VMware的球员,VMware的王牌,VMware服务器VMware ESX地址信息披露、特权升级和其他安全问题。 URL: http://www.securityfocus.com/archive/1/495869/100/0/threaded 证书:ta08 - 190 a URL: http://www.us cert.gov/cas/techalerts/ta08 - 190 a.html 证书:ta08 - 190 b URL: http://www.us cert.gov/cas/techalerts/ta08 - 190 b.html 证书:ta08 - 260 a URL: http://www.us cert.gov/cas/techalerts/ta08 - 260 a.html CERT-VN: VU # 800113 URL: http://www.kb.cert.org/vuls/id/800113 思科:20080708多个思科产品容易DNS缓存中毒攻击 URL: http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml 确认:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 确认:http://support.apple.com/kb/HT3026 确认:http://support.apple.com/kb/HT3129 确认:http://support.citrix.com/article/CTX117991 确认:http://support.citrix.com/article/CTX118183 确认:http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152 确认:http://up2date.astaro.com/2008/08/up2date_7202_released.html 确认:http://wiki.rpath.com/wiki/Advisories: rpsa - 2008 - 0231 确认:http://wiki.rpath.com/wiki/Advisories: rpsa - 2010 - 0018 确认:http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning 确认:http://www.ipcop.org/index.php?name=News&万博下载包file=article&sid=40 确认:http://www.isc.org/index.pl?/sw/bind/bind-security.php 确认:http://www.kb.cert.org/vuls/id/MIMG-7DWR4J 确认:http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q 确认:http://www.novell.com/support/viewContent.do?externalId=7000912 确认:http://www.phys.uu.nl/ ~ rombouts / pdnsd.html 确认:http://www.phys.uu.nl/ ~ rombouts / pdnsd /更新日志确认:http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html 确认:http://www.ruby-lang.org/en/news/万博下载包2008/08/08/multiple-vulnerabilities-in-ruby/ 确认:http://www.vmware.com/security/advisories/vmsa - 2008 - 0014. - html DEBIAN: dsa - 1603 URL: http://www.debian.org/security/2008/dsa - 1603 DEBIAN: dsa - 1604 URL: http://www.debian.org/security/2008/dsa - 1604 DEBIAN: dsa - 1605 URL: http://www.debian.org/security/2008/dsa - 1605 DEBIAN: dsa - 1619 URL: http://www.debian.org/security/2008/dsa - 1619 DEBIAN: dsa - 1623 URL: http://www.debian.org/security/2008/dsa - 1623 EXPLOIT-DB: 6122 URL: https://www.exploit-db.com/exploits/6122 EXPLOIT-DB: 6123 URL: https://www.exploit-db.com/exploits/6123 EXPLOIT-DB: 6130 URL: https://www.exploit-db.com/exploits/6130 FEDORA: FEDORA - 2008 - 6256 URL: https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html FEDORA: FEDORA - 2008 - 6281 URL: https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html FREEBSD: FreeBSD-SA-08:06 URL: http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc FULLDISC: 20080830 vmsa - 2008 - 0014更新VMware工作站,VMware的球员,VMware的王牌,VMware服务器VMware ESX地址信息披露、特权升级和其他安全问题。 URL: http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html GENTOO: glsa - 200807 - 08年 URL: http://security.gentoo.org/glsa/glsa - 200807 - 08. - xml GENTOO: glsa - 200812 - 17所示 URL: http://security.gentoo.org/glsa/glsa - 200812 - 17. - xml GENTOO: glsa 25 - 201209 URL: http://security.gentoo.org/glsa/glsa - 201209 - 25. - xml 惠普:HPSBMP02404 URL: http://marc.info/?l=bugtraq&m=123324863916385&w=2 惠普:HPSBNS02405 URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 惠普:HPSBOV02357 URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 惠普:HPSBOV03226 URL: http://marc.info/?l=bugtraq&m=141879471518471&w=2 惠普:HPSBTU02358 URL: http://marc.info/?l=bugtraq&m=121866517322103&w=2 惠普:HPSBUX02351 URL: http://marc.info/?l=bugtraq&m=121630706004256&w=2 惠普:SSRT071449 URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 惠普:SSRT080058 URL: http://marc.info/?l=bugtraq&m=121630706004256&w=2 惠普:SSRT090014 URL: http://marc.info/?l=bugtraq&m=123324863916385&w=2 惠普:SSRT101004 URL: http://marc.info/?l=bugtraq&m=141879471518471&w=2 MANDRIVA: MDVSA-2008:139 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:139~~(过时的来源) MISC: http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html MISC: http://www.caughq.org/exploits/cau - ex - 2008 - 0002. - txt MISC: http://www.caughq.org/exploits/cau - ex - 2008 - 0003. - txt MISC: http://www.doxpara.com/?p=1176 MISC: http://www.doxpara.com/DMK_BO2K8.ppt MISC: http://www.nominum.com/asset_upload_file741_2661.pdf MISC: http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html 女士:ms08 - 037 URL: https://docs.microsoft.com/en - us/security updates/securitybulletins/2008/ms08 - 037 NETBSD: NETBSD - sa2008 - 009 URL: ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd txt.asc——sa2008 - 009. OPENBSD(4.2): 013:安全修复:2008年7月23日 URL: http://www.openbsd.org/errata42.html # 013 _bind OPENBSD(4.3): 004:安全修复:2008年7月23日 URL: http://www.openbsd.org/errata43.html # 004 _bind 椭圆形椭圆形:org.mitre.oval: def: 12117 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117 椭圆形椭圆形:org.mitre.oval: def: 5725 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725 椭圆形椭圆形:org.mitre.oval: def: 5761 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761 椭圆形椭圆形:org.mitre.oval: def: 5917 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917 椭圆形椭圆形:org.mitre.oval: def: 9627 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627 红帽:RHSA-2008:0533 URL: http://rhn.redhat.com/errata/rhsa - 2008 - 0533. - html 红帽:RHSA-2008:0789 URL: http://www.redhat.com/support/errata/rhsa - 2008 - 0789. - html SECTRACK: 1020437 URL: http://www.securitytracker.com/id?1020437 SECTRACK: 1020438 URL: http://www.securitytracker.com/id?1020438 SECTRACK: 1020440 URL: http://www.securitytracker.com/id?1020440 SECTRACK: 1020448 URL: http://www.securitytracker.com/id?1020448 SECTRACK: 1020449 URL: http://www.securitytracker.com/id?1020449 SECTRACK: 1020548 URL: http://www.securitytracker.com/id?1020548 SECTRACK: 1020558 URL: http://www.securitytracker.com/id?1020558 SECTRACK: 1020560 URL: http://www.securitytracker.com/id?1020560 SECTRACK: 1020561 URL: http://www.securitytracker.com/id?1020561 SECTRACK: 1020575 URL: http://www.securitytracker.com/id?1020575 SECTRACK: 1020576 URL: http://www.securitytracker.com/id?1020576 SECTRACK: 1020577 URL: http://www.securitytracker.com/id?1020577 SECTRACK: 1020578 URL: http://www.securitytracker.com/id?1020578 SECTRACK: 1020579 URL: http://www.securitytracker.com/id?1020579 SECTRACK: 1020651 URL: http://www.securitytracker.com/id?1020651 SECTRACK: 1020653 URL: http://www.securitytracker.com/id?1020653 SECTRACK: 1020702 URL: http://www.securitytracker.com/id?1020702 SECTRACK: 1020802 URL: http://www.securitytracker.com/id?1020802 SECTRACK: 1020804 URL: http://www.securitytracker.com/id?1020804 SECUNIA: 30925 URL: http://secunia.com/advisories/30925 SECUNIA: 30973 URL: http://secunia.com/advisories/30973 SECUNIA: 30977 URL: http://secunia.com/advisories/30977 SECUNIA: 30979 URL: http://secunia.com/advisories/30979 SECUNIA: 30980 URL: http://secunia.com/advisories/30980 SECUNIA: 30988 URL: http://secunia.com/advisories/30988 SECUNIA: 30989 URL: http://secunia.com/advisories/30989 SECUNIA: 30998 URL: http://secunia.com/advisories/30998 SECUNIA: 31011 URL: http://secunia.com/advisories/31011 SECUNIA: 31012 URL: http://secunia.com/advisories/31012 SECUNIA: 31014 URL: http://secunia.com/advisories/31014 SECUNIA: 31019 URL: http://secunia.com/advisories/31019 SECUNIA: 31022 URL: http://secunia.com/advisories/31022 SECUNIA: 31030 URL: http://secunia.com/advisories/31030 SECUNIA: 31031 URL: http://secunia.com/advisories/31031 SECUNIA: 31033 URL: http://secunia.com/advisories/31033 SECUNIA: 31052 URL: http://secunia.com/advisories/31052 SECUNIA: 31065 URL: http://secunia.com/advisories/31065 SECUNIA: 31072 URL: http://secunia.com/advisories/31072 SECUNIA: 31093 URL: http://secunia.com/advisories/31093 SECUNIA: 31094 URL: http://secunia.com/advisories/31094 SECUNIA: 31137 URL: http://secunia.com/advisories/31137 SECUNIA: 31143 URL: http://secunia.com/advisories/31143 SECUNIA: 31151 URL: http://secunia.com/advisories/31151 SECUNIA: 31152 URL: http://secunia.com/advisories/31152 SECUNIA: 31153 URL: http://secunia.com/advisories/31153 SECUNIA: 31169 URL: http://secunia.com/advisories/31169 SECUNIA: 31197 URL: http://secunia.com/advisories/31197 SECUNIA: 31199 URL: http://secunia.com/advisories/31199 SECUNIA: 31204 URL: http://secunia.com/advisories/31204 SECUNIA: 31207 URL: http://secunia.com/advisories/31207 SECUNIA: 31209 URL: http://secunia.com/advisories/31209 SECUNIA: 31212 URL: http://secunia.com/advisories/31212 SECUNIA: 31213 URL: http://secunia.com/advisories/31213 SECUNIA: 31221 URL: http://secunia.com/advisories/31221 SECUNIA: 31236 URL: http://secunia.com/advisories/31236 SECUNIA: 31237 URL: http://secunia.com/advisories/31237 SECUNIA: 31254 URL: http://secunia.com/advisories/31254 SECUNIA: 31326 URL: http://secunia.com/advisories/31326 SECUNIA: 31354 URL: http://secunia.com/advisories/31354 SECUNIA: 31422 URL: http://secunia.com/advisories/31422 SECUNIA: 31430 URL: http://secunia.com/advisories/31430 SECUNIA: 31451 URL: http://secunia.com/advisories/31451 SECUNIA: 31482 URL: http://secunia.com/advisories/31482 SECUNIA: 31495 URL: http://secunia.com/advisories/31495 SECUNIA: 31588 URL: http://secunia.com/advisories/31588 SECUNIA: 31687 URL: http://secunia.com/advisories/31687 SECUNIA: 31823 URL: http://secunia.com/advisories/31823 SECUNIA: 31882 URL: http://secunia.com/advisories/31882 SECUNIA: 31900 URL: http://secunia.com/advisories/31900 SECUNIA: 33178 URL: http://secunia.com/advisories/33178 SECUNIA: 33714 URL: http://secunia.com/advisories/33714 SECUNIA: 33786 URL: http://secunia.com/advisories/33786 SLACKWARE: SSA: 2008 - 191 URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239 SLACKWARE: SSA: 2008-205-01 URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680 SUNALERT: 239392 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1 - 26 - 239392 - 1~~(过时的来源) SUNALERT: 240048 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1 - 26 - 240048 - 1~~(过时的来源) SUSE: SUSE-SA: 2008:033 URL: http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html SUSE: SUSE-SR: 2008:017 URL: http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html UBUNTU: usn - 622 - 1 URL: http://www.ubuntu.com/usn/usn - 622 - 1 UBUNTU: usn - 627 - 1 URL: http://www.ubuntu.com/usn/usn - 627 - 1 VUPEN:阿德- 2008 - 2019 URL:~~http://www.vupen.com/english/advisories/2008/2019/references~~(过时的来源) VUPEN:阿德- 2008 - 2023 URL:~~http://www.vupen.com/english/advisories/2008/2023/references~~(过时的来源) VUPEN:阿德- 2008 - 2025 URL:~~http://www.vupen.com/english/advisories/2008/2025/references~~(过时的来源) VUPEN:阿德- 2008 - 2029 URL:~~http://www.vupen.com/english/advisories/2008/2029/references~~(过时的来源) VUPEN:阿德- 2008 - 2030 URL:~~http://www.vupen.com/english/advisories/2008/2030/references~~(过时的来源) VUPEN:阿德- 2008 - 2050 URL:~~http://www.vupen.com/english/advisories/2008/2050/references~~(过时的来源) VUPEN:阿德- 2008 - 2051 URL:~~http://www.vupen.com/english/advisories/2008/2051/references~~(过时的来源) VUPEN:阿德- 2008 - 2052 URL:~~http://www.vupen.com/english/advisories/2008/2052/references~~(过时的来源) VUPEN:阿德- 2008 - 2055 URL:~~http://www.vupen.com/english/advisories/2008/2055/references~~(过时的来源) VUPEN:阿德- 2008 - 2092 URL:~~http://www.vupen.com/english/advisories/2008/2092/references~~(过时的来源) VUPEN:阿德- 2008 - 2113 URL:~~http://www.vupen.com/english/advisories/2008/2113/references~~(过时的来源) VUPEN:阿德- 2008 - 2114 URL:~~http://www.vupen.com/english/advisories/2008/2114/references~~(过时的来源) VUPEN:阿德- 2008 - 2123 URL:~~http://www.vupen.com/english/advisories/2008/2123/references~~(过时的来源) VUPEN:阿德- 2008 - 2139 URL:~~http://www.vupen.com/english/advisories/2008/2139/references~~(过时的来源) VUPEN:阿德- 2008 - 2166 URL:~~http://www.vupen.com/english/advisories/2008/2166/references~~(过时的来源) VUPEN:阿德- 2008 - 2195 URL:~~http://www.vupen.com/english/advisories/2008/2195/references~~(过时的来源) VUPEN:阿德- 2008 - 2196 URL:~~http://www.vupen.com/english/advisories/2008/2196/references~~(过时的来源) VUPEN:阿德- 2008 - 2197 URL:~~http://www.vupen.com/english/advisories/2008/2197/references~~(过时的来源) VUPEN:阿德- 2008 - 2268 URL:~~http://www.vupen.com/english/advisories/2008/2268~~(过时的来源) VUPEN:阿德- 2008 - 2291 URL:~~http://www.vupen.com/english/advisories/2008/2291~~(过时的来源) VUPEN:阿德- 2008 - 2334 URL:~~http://www.vupen.com/english/advisories/2008/2334~~(过时的来源) VUPEN:阿德- 2008 - 2342 URL:~~http://www.vupen.com/english/advisories/2008/2342~~(过时的来源) VUPEN:阿德- 2008 - 2377 URL:~~http://www.vupen.com/english/advisories/2008/2377~~(过时的来源) VUPEN:阿德- 2008 - 2383 URL:~~http://www.vupen.com/english/advisories/2008/2383~~(过时的来源) VUPEN:阿德- 2008 - 2384 URL:~~http://www.vupen.com/english/advisories/2008/2384~~(过时的来源) VUPEN:阿德- 2008 - 2466 URL:~~http://www.vupen.com/english/advisories/2008/2466~~(过时的来源) VUPEN:阿德- 2008 - 2467 URL:~~http://www.vupen.com/english/advisories/2008/2467~~(过时的来源) VUPEN:阿德- 2008 - 2482 URL:~~http://www.vupen.com/english/advisories/2008/2482~~(过时的来源) VUPEN:阿德- 2008 - 2525 URL:~~http://www.vupen.com/english/advisories/2008/2525~~(过时的来源) VUPEN:阿德- 2008 - 2549 URL:~~http://www.vupen.com/english/advisories/2008/2549~~(过时的来源) VUPEN:阿德- 2008 - 2558 URL:~~http://www.vupen.com/english/advisories/2008/2558~~(过时的来源) VUPEN:阿德- 2008 - 2582 URL:~~http://www.vupen.com/english/advisories/2008/2582~~(过时的来源) VUPEN:阿德- 2008 - 2584 URL:~~http://www.vupen.com/english/advisories/2008/2584~~(过时的来源) VUPEN:阿德- 2009 - 0297 URL:~~http://www.vupen.com/english/advisories/2009/0297~~(过时的来源) VUPEN:阿德- 2009 - 0311 URL:~~http://www.vupen.com/english/advisories/2009/0311~~(过时的来源) VUPEN:阿德- 2010 - 0622 URL:~~http://www.vupen.com/english/advisories/2010/0622~~(过时的来源) XF: cisco-multiple-dns-cache-poisoning (43637) URL: https://exchange.xforce.ibmcloud.com/vulnerabilities/43637 XF: win-dns-client-server-spoofing (43334) URL: https://exchange.xforce.ibmcloud.com/vulnerabilities/43334
分配中央社
微软公司
创建日期记录
20080321	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
分配(20080321)
票(遗留)

评论(遗留)

提出(遗留)
N /一个
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

cve - 2008 - 1447