漏洞信息(CVE-2008-1447)

一、漏洞 CVE-2008-1447 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

DNS协议，如(1)在bind 8和9之前9.5.0-P1,9.4.2-P1和9.3.5-P1;(2)在Windows 2000 SP4, XP SP2和SP3以及Server 2003 SP1和SP2中的Microsoft DNS；以及其他实现允许远程攻击者通过生日攻击来伪造DNS流量，该攻击利用边界服务器引用对递归解调器进行缓存污染，与DNS交易ID和源端口的不够随机性相关，称为“DNS insufficient socket entropy vulnerability”或“ Kaminsky bug”。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

ISC BIND 安全特征问题漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 ISC BIND 4版本、8版本和9.2.9版本中的DNS协议存在安全特征问题漏洞。该漏洞是源于网络系统或产品中缺少身份验证、访问控制、权限管理等安全措施。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

授权问题

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2008-1447 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2008-1447 的情报信息

http://www.kb.cert.org/vuls/id/MIMG-7DWR4J x_refsource_CONFIRM
http://www.phys.uu.nl/~rombouts/pdnsd.html x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0014.html x_refsource_CONFIRM
http://support.citrix.com/article/CTX117991 x_refsource_CONFIRM
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog x_refsource_CONFIRM
http://www.nominum.com/asset_upload_file741_2661.pdf x_refsource_MISC
http://up2date.astaro.com/2008/08/up2date_7202_released.html x_refsource_CONFIRM
http://support.apple.com/kb/HT3026 x_refsource_CONFIRM
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ x_refsource_CONFIRM
http://support.apple.com/kb/HT3129 x_refsource_CONFIRM
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152 x_refsource_CONFIRM
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
http://www.doxpara.com/?p=1176 x_refsource_MISC
http://www.isc.org/index.pl?/sw/bind/bind-security.php x_refsource_CONFIRM
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231 x_refsource_CONFIRM
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html x_refsource_CONFIRM
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html x_refsource_MISC
http://www.doxpara.com/DMK_BO2K8.ppt x_refsource_MISC
http://www.caughq.org/exploits/CAU-EX-2008-0003.txt x_refsource_MISC
http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q x_refsource_CONFIRM
http://support.citrix.com/article/CTX118183 x_refsource_CONFIRM
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 x_refsource_CONFIRM
http://www.caughq.org/exploits/CAU-EX-2008-0002.txt x_refsource_MISC
http://www.novell.com/support/viewContent.do?externalId=7000912 x_refsource_CONFIRM
http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning x_refsource_CONFIRM
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html x_refsource_MISC
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 x_refsource_CONFIRM
https://www.exploit-db.com/exploits/6130 exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/6123 exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/6122 exploit x_refsource_EXPLOIT-DB
http://secunia.com/advisories/31137 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31430 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31169 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/30131 vdb-entry x_refsource_BID
http://secunia.com/advisories/31236 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31209 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31012 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31151 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31237 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31495 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30998 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31094 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31687 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31588 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31019 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31207 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31031 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31451 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30977 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31221 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31143 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33714 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33786 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31882 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31014 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30979 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31072 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31482 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30989 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31065 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31254 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31153 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31213 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31030 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31033 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31823 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31326 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31900 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30925 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30973 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31204 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31354 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33178 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30988 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31011 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31422 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31197 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31022 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31093 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31052 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30980 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31199 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31212 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31152 third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1 vendor-advisory x_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1 vendor-advisory x_refsource_SUNALERT
http://www.securitytracker.com/id?1020438 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020702 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020561 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020578 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020802 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020651 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020437 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020579 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020653 vdb-entry x_refsource_SECTRACK
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668 vendor-advisory x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671 vendor-advisory x_refsource_AIXAPAR
http://www.securitytracker.com/id?1020558 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020804 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020448 vdb-entry x_refsource_SECTRACK
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669 vendor-advisory x_refsource_AIXAPAR
http://www.securitytracker.com/id?1020575 vdb-entry x_refsource_SECTRACK
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672 vendor-advisory x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670 vendor-advisory x_refsource_AIXAPAR
http://www.securitytracker.com/id?1020576 vdb-entry x_refsource_SECTRACK
http://www.ibm.com/support/docview.wss?uid=isg1IZ26667 vendor-advisory x_refsource_AIXAPAR
http://www.securitytracker.com/id?1020440 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020560 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020577 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020548 vdb-entry x_refsource_SECTRACK
http://www.securitytracker.com/id?1020449 vdb-entry x_refsource_SECTRACK
http://www.debian.org/security/2008/dsa-1603 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1619 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1604 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1623 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1605 vendor-advisory x_refsource_DEBIAN
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037 vendor-advisory x_refsource_MS
http://www.kb.cert.org/vuls/id/800113 third-party-advisory x_refsource_CERT-VN
http://www.us-cert.gov/cas/techalerts/TA08-260A.html third-party-advisory x_refsource_CERT
http://www.ubuntu.com/usn/usn-627-1 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-622-1 vendor-advisory x_refsource_UBUNTU
http://www.us-cert.gov/cas/techalerts/TA08-190B.html third-party-advisory x_refsource_CERT
http://www.us-cert.gov/cas/techalerts/TA08-190A.html third-party-advisory x_refsource_CERT
http://marc.info/?l=bugtraq&m=121630706004256&w=2 vendor-advisory x_refsource_HP
http://marc.info/?l=bugtraq&m=141879471518471&w=2 vendor-advisory x_refsource_HP
http://marc.info/?l=bugtraq&m=123324863916385&w=2 vendor-advisory x_refsource_HP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 vendor-advisory x_refsource_HP
http://marc.info/?l=bugtraq&m=121866517322103&w=2 vendor-advisory x_refsource_HP
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 vendor-advisory x_refsource_HP
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239 vendor-advisory x_refsource_SLACKWARE
http://www.vupen.com/english/advisories/2008/2052/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2050/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2525 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2025/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2029/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2268 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/0297 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2584 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2051/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2377 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2195/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2196/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2384 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2123/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2482 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2166/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2139/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2092/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2055/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/0622 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2549 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2558 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2383 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/0311 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2582 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2342 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2114/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2334 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2467 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2030/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2291 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2023/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2466 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2113/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2019/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2197/references vdb-entry x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-201209-25.xml vendor-advisory x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2008-0789.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2008-0533.html vendor-advisory x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2008:139 vendor-advisory x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200812-17.xml vendor-advisory x_refsource_GENTOO
http://security.gentoo.org/glsa/glsa-200807-08.xml vendor-advisory x_refsource_GENTOO
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680 vendor-advisory x_refsource_SLACKWARE
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html vendor-advisory x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html vendor-advisory x_refsource_SUSE
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc vendor-advisory x_refsource_FREEBSD
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html vendor-advisory x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html vendor-advisory x_refsource_FEDORA
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc vendor-advisory x_refsource_NETBSD
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html vendor-advisory x_refsource_APPLE
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html vendor-advisory x_refsource_APPLE
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html vendor-advisory x_refsource_APPLE
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html vendor-advisory x_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627 vdb-entry signature x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761 vdb-entry signature x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917 vdb-entry signature x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725 vdb-entry signature x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117 vdb-entry signature x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/43334 vdb-entry x_refsource_XF
http://www.openbsd.org/errata42.html#013_bind vendor-advisory x_refsource_OPENBSD
http://www.openbsd.org/errata43.html#004_bind vendor-advisory x_refsource_OPENBSD
https://exchange.xforce.ibmcloud.com/vulnerabilities/43637 vdb-entry x_refsource_XF
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml vendor-advisory x_refsource_CISCO
http://www.securityfocus.com/archive/1/495289/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/495869/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html mailing-list x_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2008-1447

一、 漏洞 CVE-2008-1447 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2008-1447 的公开POC

三、漏洞 CVE-2008-1447 的情报信息

一、漏洞 CVE-2008-1447 基础信息