Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1146

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1146
Last Modified 05 Sep 2008 05:36:55
Published 04 Mar 2008 06:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1146

Summary

A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND.

Vulnerable Systems

Application

  • Cosmicperl Directory Pro 10.0.3

  • Darwin 1.0

  • Darwin 9.1

  • Navision Financials Server 3.0


References

MISC - http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf

BID - 27647

BUGTRAQ - 20080206 A paper by Amit Klein (Trusteer): "OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability"

MISC - http://www.securiteam.com/securityreviews/5PP0H0UNGW.html

SECUNIA - 28819

XF - openbsd-prng-dns-spoofing(40329)


Last Updated: 27 May 2016 10:47:02