Home > Vulnerability Database > CVE-2007-2926

WhiteSource Vulnerability Database

CVE-2007-2926

Good to know:

Date: July 24, 2007

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.

Severity Score

3.7

Related Resources (5)

Url: http://docs.info.apple.com/article.html?artnum=307041

Url: http://secunia.com/advisories/26152

Url: http://secunia.com/advisories/26195

Url: http://www.redhat.com/support/errata/RHSA-2007-0740.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-2926

Severity Score

3.7

Top Fix

Upgrade Version

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

WhiteSource Vulnerability Database

We found results for “”

CVE-2007-2926

Good to know:

Date: July 24, 2007

Severity Score

Related Resources (5)

Severity Score

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?