BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote malicious users to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind 4.9 |
||
isc bind 4.9.10 |
||
isc bind 4.9.7 |
||
isc bind 4.9.8 |
||
isc bind 8.2.2 |
||
isc bind 8.2.7 |
||
isc bind 8.3.0 |
||
isc bind 4.9.5 |
||
isc bind 4.9.6 |
||
isc bind 8.2.5 |
||
isc bind 8.2.6 |
||
isc bind 4.9.2 |
||
isc bind 4.9.3 |
||
isc bind 4.9.9 |
||
isc bind 8.2 |
||
isc bind 8.2.1 |
||
isc bind 8.3.1 |
||
isc bind 8.3.2 |
||
isc bind 4.9.4 |
||
isc bind 8.2.3 |
||
isc bind 8.2.4 |
||
isc bind 8.3.3 |
||
isc bind 8.3.4 |