Norton.com > Viruses & Risks > Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability

Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability

Risk

High

Date Discovered

July 8, 2008

Description

Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable.

Technologies Affected

  • Apple Mac OS X 10.4.0
  • Apple Mac OS X 10.4.1
  • Apple Mac OS X 10.4.10
  • Apple Mac OS X 10.4.11
  • Apple Mac OS X 10.4.2
  • Apple Mac OS X 10.4.3
  • Apple Mac OS X 10.4.4
  • Apple Mac OS X 10.4.5
  • Apple Mac OS X 10.4.6
  • Apple Mac OS X 10.4.7
  • Apple Mac OS X 10.4.8
  • Apple Mac OS X 10.4.9
  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X Server 10.4.0
  • Apple Mac OS X Server 10.4.1
  • Apple Mac OS X Server 10.4.10
  • Apple Mac OS X Server 10.4.11
  • Apple Mac OS X Server 10.4.2
  • Apple Mac OS X Server 10.4.3
  • Apple Mac OS X Server 10.4.4
  • Apple Mac OS X Server 10.4.5
  • Apple Mac OS X Server 10.4.6
  • Apple Mac OS X Server 10.4.7
  • Apple Mac OS X Server 10.4.8
  • Apple Mac OS X Server 10.4.9
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple iPhone
  • Apple iPhone 1
  • Apple iPhone 1.0.1
  • Apple iPhone 1.0.2
  • Apple iPhone 1.1
  • Apple iPhone 1.1.1
  • Apple iPhone 1.1.2
  • Apple iPhone 1.1.3
  • Apple iPhone 1.1.4
  • Apple iPhone 2.0
  • Apple iPhone 2.0.1
  • Apple iPhone 2.0.2
  • Apple iPod Touch 1.1
  • Apple iPod Touch 1.1.1
  • Apple iPod Touch 1.1.2
  • Apple iPod Touch 1.1.3
  • Apple iPod Touch 1.1.4
  • Apple iPod Touch 2.0
  • Apple iPod Touch 2.0.1
  • Apple iPod Touch 2.0.2
  • Astaro Security Gateway 7
  • Avaya Messaging Application Server
  • Avaya Messaging Application Server MM 1.1
  • Avaya Messaging Application Server MM 2.0
  • Avaya Messaging Application Server MM 3.0
  • Avaya Messaging Application Server MM 3.1
  • Blue Coat Systems Director
  • Blue Coat Systems PacketShaper
  • Blue Coat Systems ProxyRA
  • Blue Coat Systems ProxySG
  • Blue Coat Systems iShaper
  • Bluecat Networks Adonis (Firmware) 4.1.0.43
  • Bluecat Networks Adonis (Firmware) 5.0
  • Bluecat Networks Adonis (Firmware) 5.0.2.8
  • Bluecat Networks Adonis (Firmware) 5.0.5
  • Bluecat Networks Adonis (Firmware) 5.1.0
  • Bluecat Networks Adonis (Firmware) 5.1.0.7
  • Bluecat Networks Adonis (Firmware) 5.1.0.8
  • Bluecat Networks Adonis (Firmware) 5.1.1
  • Cisco Application & Content Networking Software
  • Cisco Application & Content Networking Software (ACNS)
  • Cisco Application & Content Networking Software 4.0.3
  • Cisco Application & Content Networking Software 4.1.1
  • Cisco Application & Content Networking Software 4.1.3
  • Cisco Application & Content Networking Software 4.2.0
  • Cisco Application & Content Networking Software 4.2.11
  • Cisco Application & Content Networking Software 4.2.7
  • Cisco Application & Content Networking Software 4.2.9
  • Cisco Application & Content Networking Software 5.0.0
  • Cisco Application & Content Networking Software 5.0.1
  • Cisco Application & Content Networking Software 5.0.17 .6
  • Cisco Application & Content Networking Software 5.0.3
  • Cisco Application & Content Networking Software 5.0.5
  • Cisco Application & Content Networking Software 5.1.0
  • Cisco Application & Content Networking Software 5.1.11 .6
  • Cisco Application & Content Networking Software 5.1.13 .7
  • Cisco Application & Content Networking Software 5.1.15
  • Cisco Application & Content Networking Software 5.1.9
  • Cisco Application & Content Networking Software 5.2.0
  • Cisco Application & Content Networking Software 5.2.1 .7
  • Cisco Application & Content Networking Software 5.2.3 .9
  • Cisco Application & Content Networking Software 5.2.7
  • Cisco Application & Content Networking Software 5.3.3
  • Cisco Application & Content Networking Software 5.5.7
  • Cisco CNS Network Registrar 6.1.0
  • Cisco CNS Network Registrar 6.1.1
  • Cisco CNS Network Registrar 6.1.1 .1
  • Cisco CNS Network Registrar 6.1.1 .2
  • Cisco CNS Network Registrar 6.1.1 .3
  • Cisco CNS Network Registrar 6.1.1 .4
  • Cisco IOS 12.0DB
  • Cisco IOS 12.0DC
  • Cisco IOS 12.0T
  • Cisco IOS 12.0WC
  • Cisco IOS 12.0XE
  • Cisco IOS 12.0XK
  • Cisco IOS 12.0XR
  • Cisco IOS 12.1
  • Cisco IOS 12.1AY
  • Cisco IOS 12.1DB
  • Cisco IOS 12.1EA
  • Cisco IOS 12.1EX
  • Cisco IOS 12.1T
  • Cisco IOS 12.1XC
  • Cisco IOS 12.1YE
  • Cisco IOS 12.2
  • Cisco IOS 12.2B
  • Cisco IOS 12.2BW
  • Cisco IOS 12.2BY
  • Cisco IOS 12.2CZ
  • Cisco IOS 12.2T
  • Cisco IOS 12.2TPC
  • Cisco IOS 12.2XB
  • Cisco IOS 12.2XC
  • Cisco IOS 12.2XG
  • Cisco IOS 12.2XK
  • Cisco IOS 12.2XL
  • Cisco IOS 12.2XT
  • Cisco IOS 12.2XU
  • Cisco IOS 12.2YJ
  • Cisco IOS 12.2YL
  • Cisco IOS 12.2YM
  • Cisco IOS 12.2YN
  • Cisco IOS 12.2YO
  • Cisco IOS 12.2YT
  • Cisco IOS 12.2YU
  • Cisco IOS 12.2YV
  • Cisco IOS 12.2ZB
  • Cisco IOS 12.2ZD
  • Cisco IOS 12.2ZE
  • Cisco IOS 12.2ZF
  • Cisco IOS 12.2ZG
  • Cisco IOS 12.2ZH
  • Cisco IOS 12.2ZJ
  • Cisco IOS 12.2ZL
  • Cisco IOS 12.3
  • Cisco IOS 12.3B
  • Cisco IOS 12.3BW
  • Cisco IOS 12.3T
  • Cisco IOS 12.3TPC
  • Cisco IOS 12.3VA
  • Cisco IOS 12.3XA
  • Cisco IOS 12.3XB
  • Cisco IOS 12.3XC
  • Cisco IOS 12.3XD
  • Cisco IOS 12.3XE
  • Cisco IOS 12.3XF
  • Cisco IOS 12.3XG
  • Cisco IOS 12.3XH
  • Cisco IOS 12.3XI
  • Cisco IOS 12.3XJ
  • Cisco IOS 12.3XK
  • Cisco IOS 12.3XQ
  • Cisco IOS 12.3XR
  • Cisco IOS 12.3XS
  • Cisco IOS 12.3XW
  • Cisco IOS 12.3YA
  • Cisco IOS 12.3YD
  • Cisco IOS 12.3YF
  • Cisco IOS 12.3YG
  • Cisco IOS 12.3YH
  • Cisco IOS 12.3YI
  • Cisco IOS 12.3YK
  • Cisco IOS 12.3YM
  • Cisco IOS 12.3YS
  • Cisco IOS 12.3YT
  • Cisco IOS 12.3YU
  • Cisco IOS 12.3YX
  • Cisco IOS 12.3YZ
  • Cisco IOS 12.4
  • Cisco IOS 12.4MD
  • Cisco IOS 12.4MR
  • Cisco IOS 12.4SW
  • Cisco IOS 12.4T
  • Cisco IOS 12.4XA
  • Cisco IOS 12.4XB
  • Cisco IOS 12.4XC
  • Cisco IOS 12.4XD
  • Cisco IOS 12.4XE
  • Cisco IOS 12.4XJ
  • Cisco IOS 12.4XL
  • Cisco IOS 12.4XM
  • Cisco IOS 12.4XN
  • Cisco IOS 12.4XQ
  • Cisco IOS 12.4XT
  • Cisco IOS 12.4XV
  • Cisco IOS 12.4XW
  • Cisco IOS 12.4XY
  • Cisco IOS 12.4XZ
  • Cisco Network Registar
  • Cisco Network Registar 6.1
  • Cisco Network Registar 6.3
  • Cisco Network Registar 7.0
  • Citrix Access Gateway Advanced Edition 4.5
  • Citrix Access Gateway Standard Edition 4.5
  • Citrix Access Gateway Standard Edition 4.5.6
  • Citrix Access Gateway Standard Edition 4.5.7
  • Citrix Access Gateway Standard Edition 4.5.7 Rev A
  • Citrix NetScaler 8.0 Build 47.8
  • Citrix NetScaler 8.1 Build 57.3
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Dnsmasq Dnsmasq 2.35
  • Dnsmasq Dnsmasq 2.4.1
  • F5 3-DNS 4.5.0
  • F5 3-DNS 4.5.11
  • F5 3-DNS 4.5.12
  • F5 3-DNS 4.5.13
  • F5 3-DNS 4.5.14
  • F5 3-DNS 4.6.0
  • F5 3-DNS 4.6.1
  • F5 3-DNS 4.6.2
  • F5 3-DNS 4.6.3
  • F5 3-DNS 4.6.4
  • F5 BigIP 4.5.0
  • F5 BigIP 4.5.10
  • F5 BigIP 4.5.11
  • F5 BigIP 4.5.12
  • F5 BigIP 4.5.13
  • F5 BigIP 4.5.14
  • F5 BigIP 4.5.6
  • F5 BigIP 4.5.9
  • F5 BigIP 4.6.0
  • F5 BigIP 4.6.1
  • F5 BigIP 4.6.2
  • F5 BigIP 4.6.3
  • F5 BigIP 4.6.4
  • F5 BigIP 8.0
  • F5 BigIP 9.3
  • F5 BigIP 9.3.1
  • F5 BigIP 9.4
  • F5 BigIP 9.4.3
  • F5 BigIP 9.4.5
  • F5 BigIP 9.6
  • F5 BigIP 9.6.1
  • F5 Enterprise Manager 1.2
  • F5 Enterprise Manager 1.4.1
  • F5 Enterprise Manager 1.6
  • F5 FirePass 5.5
  • F5 FirePass 5.5.2
  • F5 FirePass 6.0
  • F5 FirePass 6.0.1
  • F5 FirePass 6.0.2
  • F5 WANJet 5.0
  • F5 WANJet 5.0.2
  • FreeBSD FreeBSD 6.3
  • FreeBSD FreeBSD 6.3 -RELENG
  • FreeBSD FreeBSD 7.0
  • FreeBSD FreeBSD 7.0 -RELENG
  • Gentoo Linux
  • Gentoo net-dns/dnsmasq 2.43
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • HP HP-UX B.11.31
  • HP MPE/iX 6.5.0
  • HP MPE/iX 7.0.0
  • HP MPE/iX 7.5.0
  • HP NonStop Server 6
  • HP OpenVMS TCPIP 5.7
  • HP OpenVMS TCPIP 5.7 ECO5
  • HP Storage Management Appliance 2.1
  • HP TCP/IP Services for OpenVMS Alpha 5.4
  • HP TCP/IP Services for OpenVMS Alpha 5.5
  • HP TCP/IP Services for OpenVMS Alpha 5.6
  • HP TCP/IP Services for OpenVMS Integrity 5.5
  • HP TCP/IP Services for OpenVMS Integrity 5.6
  • HP Tru64 UNIX 5.1.0 B-3
  • HP Tru64 UNIX 5.1.0 B-4
  • IBM AIX 5.2
  • IBM AIX 5.3
  • IBM AIX 5.3.7
  • IBM AIX 5.3.8
  • IBM AIX 5.3.9
  • IBM AIX 6.1
  • IBM AIX 6.1.1
  • IBM AIX 6.1.2
  • IPCop IPCop 1.4.10
  • IPCop IPCop 1.4.11
  • IPCop IPCop 1.4.12
  • IPCop IPCop 1.4.13
  • IPCop IPCop 1.4.14
  • IPCop IPCop 1.4.15
  • IPCop IPCop 1.4.16
  • IPCop IPCop 1.4.17
  • IPCop IPCop 1.4.18
  • ISC BIND 8.1.0
  • ISC BIND 8.1.1
  • ISC BIND 8.1.2
  • ISC BIND 8.2.0
  • ISC BIND 8.2.1
  • ISC BIND 8.2.2
  • ISC BIND 8.2.2 P1
  • ISC BIND 8.2.2 P2
  • ISC BIND 8.2.2 P3
  • ISC BIND 8.2.2 P4
  • ISC BIND 8.2.2 P5
  • ISC BIND 8.2.2 P6
  • ISC BIND 8.2.2 P7
  • ISC BIND 8.2.3
  • ISC BIND 8.2.3 Beta
  • ISC BIND 8.2.4
  • ISC BIND 8.2.5
  • ISC BIND 8.2.6
  • ISC BIND 8.2.7
  • ISC BIND 8.3.0 .0
  • ISC BIND 8.3.1
  • ISC BIND 8.3.2
  • ISC BIND 8.3.3
  • ISC BIND 8.3.4
  • ISC BIND 8.3.5
  • ISC BIND 8.3.6
  • ISC BIND 8.3.7
  • ISC BIND 8.4.0
  • ISC BIND 8.4.1
  • ISC BIND 8.4.2
  • ISC BIND 8.4.3
  • ISC BIND 8.4.4
  • ISC BIND 8.4.5
  • ISC BIND 8.4.6
  • ISC BIND 8.4.7
  • ISC BIND 8.4.7-P1
  • ISC BIND 9.0.0
  • ISC BIND 9.0.1
  • ISC BIND 9.1.0
  • ISC BIND 9.1.1
  • ISC BIND 9.1.2
  • ISC BIND 9.1.3
  • ISC BIND 9.2.0
  • ISC BIND 9.2.1
  • ISC BIND 9.2.2
  • ISC BIND 9.2.3
  • ISC BIND 9.2.4
  • ISC BIND 9.2.5
  • ISC BIND 9.2.6
  • ISC BIND 9.2.6-P1
  • ISC BIND 9.2.6-P2
  • ISC BIND 9.2.7
  • ISC BIND 9.2.7B1
  • ISC BIND 9.2.7Rc1
  • ISC BIND 9.2.7Rc2
  • ISC BIND 9.2.7Rc3
  • ISC BIND 9.2.8
  • ISC BIND 9.3.0
  • ISC BIND 9.3.1
  • ISC BIND 9.3.2
  • ISC BIND 9.3.2-P1
  • ISC BIND 9.3.2-P2
  • ISC BIND 9.3.3
  • ISC BIND 9.3.3 B
  • ISC BIND 9.3.3 Rc1
  • ISC BIND 9.3.3B1
  • ISC BIND 9.3.3Rc2
  • ISC BIND 9.3.3Rc3
  • ISC BIND 9.3.4
  • ISC BIND 9.3.5
  • ISC BIND 9.4.0
  • ISC BIND 9.4.0 B3
  • ISC BIND 9.4.0A1
  • ISC BIND 9.4.0A2
  • ISC BIND 9.4.0A3
  • ISC BIND 9.4.0A4
  • ISC BIND 9.4.0A5
  • ISC BIND 9.4.0A6
  • ISC BIND 9.4.0B1
  • ISC BIND 9.4.0B2
  • ISC BIND 9.4.0B3
  • ISC BIND 9.4.0B4
  • ISC BIND 9.4.0Rc1
  • ISC BIND 9.4.0Rc2
  • ISC BIND 9.4.1
  • ISC BIND 9.4.1-P1
  • ISC BIND 9.4.3
  • ISC BIND 9.5.0A1
  • ISC BIND 9.5.0A2
  • ISC BIND 9.5.0A3
  • ISC BIND 9.5.0A4
  • ISC BIND 9.5.0A5
  • ISC BIND 9.5.0A6
  • ISC BIND 9.5.0A7
  • ISC BIND 9.5.0B1
  • ISC BIND 9.5.0B2
  • Infoblox DNS One Appliance 2
  • Infoblox NIOS 4
  • Ingate Firewall 4.6.0
  • Ingate Firewall 4.6.1
  • Ingate SIParator 4.6.0
  • Ingate SIParator 4.6.1
  • Juniper Networks JUNOS 5.0.0
  • Juniper Networks JUNOS 5.1.0
  • Juniper Networks JUNOS 5.2.0
  • Juniper Networks JUNOS 5.3.0
  • Juniper Networks JUNOS 5.4.0
  • Juniper Networks JUNOS 5.5.0
  • Juniper Networks JUNOS 5.6.0
  • Juniper Networks JUNOS 5.7.0
  • Juniper Networks JUNOS 6.1.0
  • Juniper Networks JUNOS 6.2.0
  • Juniper Networks JUNOS 6.3.0
  • Juniper Networks JUNOS 6.4.0
  • Juniper Networks JUNOS 7.3
  • Juniper Networks JUNOS 8.0.0
  • Juniper Networks JUNOS 8.4
  • Juniper Networks JUNOS 8.5.R1
  • Juniper Networks JUNOSe
  • Juniper Networks JUNOSe 5.3.5 P0-2
  • Juniper Networks JUNOSe 6.0.3 P0-6
  • Juniper Networks JUNOSe 6.0.4
  • Juniper Networks JUNOSe 6.1.3 P0-1
  • Juniper Networks JUNOSe 7.0.1 P0-7
  • Juniper Networks JUNOSe 7.0.2
  • Juniper Networks JUNOSe 7.1.0 P0-1
  • Juniper Networks JUNOSe 7.1.1
  • Juniper Networks ScreenOS 5.1.0
  • Juniper Networks ScreenOS 5.2.0
  • Lucent VitalQIP 5.2.0
  • Lucent VitalQIP 6.0.0
  • Lucent VitalQIP 6.1 Sp1
  • Lucent VitalQIP 6.1.0
  • Lucent VitalQIP 6.2.0
  • Lucent VitalQIP 7.X
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Advanced Server SP3
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Datacenter Server SP1
  • Microsoft Windows 2000 Datacenter Server SP2
  • Microsoft Windows 2000 Datacenter Server SP3
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
  • Microsoft Windows 2000 Professional SP3
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Server SP3
  • Microsoft Windows 2000 Server SP4
  • Microsoft Windows Server 2003 Datacenter Edition
  • Microsoft Windows Server 2003 Datacenter Edition Itanium
  • Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
  • Microsoft Windows Server 2003 Datacenter Edition SP1
  • Microsoft Windows Server 2003 Datacenter x64 Edition
  • Microsoft Windows Server 2003 Datacenter x64 Edition SP2
  • Microsoft Windows Server 2003 Enterprise Edition
  • Microsoft Windows Server 2003 Enterprise Edition Itanium
  • Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
  • Microsoft Windows Server 2003 Enterprise Edition SP1
  • Microsoft Windows Server 2003 Enterprise x64 Edition
  • Microsoft Windows Server 2003 Enterprise x64 Edition SP2
  • Microsoft Windows Server 2003 Itanium
  • Microsoft Windows Server 2003 Itanium SP1
  • Microsoft Windows Server 2003 Itanium SP2
  • Microsoft Windows Server 2003 SP1
  • Microsoft Windows Server 2003 SP2
  • Microsoft Windows Server 2003 Standard Edition
  • Microsoft Windows Server 2003 Standard Edition SP1
  • Microsoft Windows Server 2003 Standard Edition SP2
  • Microsoft Windows Server 2003 Standard x64 Edition
  • Microsoft Windows Server 2003 Web Edition
  • Microsoft Windows Server 2003 Web Edition SP1
  • Microsoft Windows Server 2003 Web Edition SP2
  • Microsoft Windows Server 2003 x64 SP1
  • Microsoft Windows Server 2003 x64 SP2
  • Microsoft Windows XP
  • Microsoft Windows XP Home
  • Microsoft Windows XP Home SP1
  • Microsoft Windows XP Home SP2
  • Microsoft Windows XP Home SP3
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Media Center Edition SP1
  • Microsoft Windows XP Media Center Edition SP2
  • Microsoft Windows XP Media Center Edition SP3
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Professional SP1
  • Microsoft Windows XP Professional SP2
  • Microsoft Windows XP Professional SP3
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Professional x64 Edition SP2
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows XP Tablet PC Edition SP1
  • Microsoft Windows XP Tablet PC Edition SP2
  • Microsoft Windows XP Tablet PC Edition SP3
  • NetBSD NetBSD 3,1 RC1
  • NetBSD NetBSD 3.0.0
  • NetBSD NetBSD 3.0.1
  • NetBSD NetBSD 3.0.2
  • NetBSD NetBSD 3.1
  • NetBSD NetBSD 3.1 RC3
  • NetBSD NetBSD 4,0 Beta
  • NetBSD NetBSD 4.0
  • NetBSD NetBSD 4.0 BETA2
  • NetBSD NetBSD Current
  • Nixu Secure Name Server 1
  • Nominum Software Caching Name Server (CNS) 3
  • Nominum Software Vantio (CNS) 3
  • Nortel Networks BCM 200
  • Nortel Networks ENSM - Enterprise NMS 10.4
  • Nortel Networks ENSM - Enterprise NMS 10.5
  • Nortel Networks Multimedia Comm MCS5100
  • Nortel Networks NSNA Switch 4050
  • Nortel Networks NSNA Switch 4070
  • Nortel Networks Optical AMBB
  • Nortel Networks Optical Application Platform
  • Nortel Networks Optical FMBB
  • Nortel Networks Optical RMBB
  • Nortel Networks Optical Software Upgrade Manager
  • Nortel Networks Optical Trail Manager
  • Nortel Networks PMBB
  • Nortel Networks SRG 1.0.0
  • Nortel Networks Self Service VoiceXML
  • Nortel Networks Self-Service - CCSS7
  • Nortel Networks Self-Service - Web Centric CCXML
  • Nortel Networks Self-Service CCXML
  • Nortel Networks Self-Service MPS 100
  • Nortel Networks Self-Service MPS 1000
  • Nortel Networks Self-Service MPS 500
  • Nortel Networks Self-Service Peri Application
  • Nortel Networks Self-Service Peri Workstation
  • Nortel Networks Self-Service Speech Server
  • Nortel Networks Self-Service WVADS
  • Nortel Networks Trail Manager Route Advisor
  • Novell Netware 5.0.0
  • Novell Netware 5.0.0 SP5
  • Novell Netware 5.1.0
  • Novell Netware 5.1.0 SP5
  • Novell Netware 5.1.0 SP4
  • Novell Netware 5.1.0 SP6
  • Novell Netware 6.0.0
  • Novell Netware 6.0.0 SP1
  • Novell Netware 6.0.0 SP2
  • Novell Netware 6.0.0 SP3
  • Novell Netware 6.5.0
  • Novell Netware 6.5.0 SP1
  • Novell Netware 6.5.0 SP2
  • Novell Netware 6.5.0 SP3
  • Novell Netware 6.5.0 SP1.1(A)
  • Novell Netware 6.5.0 SP1.1(B)
  • Novell Netware 6.5.0 SP4
  • Novell Netware 6.5.0 SP5
  • Novell Netware 6.5.0 SP6
  • Novell Netware 6.5.0 SP7
  • Novell Open Enterprise Server (OES)
  • OpenBSD OpenBSD -Current
  • OpenBSD OpenBSD 4.2
  • OpenBSD OpenBSD 4.3
  • Openwall Openwall GNU/*/Linux 2.0-Current
  • Openwall Openwall GNU/*/Linux 2.0-Stable
  • Pardus Linux 2007
  • Pardus Linux 2008
  • Python DNS Library pydns 2.3.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 8
  • Red Hat Fedora 9
  • Secure Computing CyberGuard Classic
  • Secure Computing CyberGuard TSP
  • Secure Computing Sidewinder 5.0.0
  • Secure Computing Sidewinder 5.0.0 .0.01
  • Secure Computing Sidewinder 5.0.0 .0.02
  • Secure Computing Sidewinder 5.0.0 .0.03
  • Secure Computing Sidewinder 5.0.0 .0.04
  • Secure Computing Sidewinder 5.1.0
  • Secure Computing Sidewinder 5.1.0 .0.01
  • Secure Computing Sidewinder 5.1.0 .0.02
  • Secure Computing Sidewinder 5.1.0 .1
  • Secure Computing Sidewinder 5.1.0 .1.01
  • Secure Computing Sidewinder 5.2.0
  • Secure Computing Sidewinder 5.2.0 .0.01
  • Secure Computing Sidewinder 5.2.0 .0.02
  • Secure Computing Sidewinder 5.2.0 .0.03
  • Secure Computing Sidewinder 5.2.0 .0.04
  • Secure Computing Sidewinder 5.2.0 .1
  • Secure Computing Sidewinder 5.2.0 .1.02
  • Secure Computing Sidewinder 5.2.1 .10
  • Secure Computing Sidewinder G2 6.1.0 .0.01
  • Secure Computing Sidewinder G2 6.1.0 .0.02
  • Secure Computing Sidewinder Software 5.0.0
  • Secure Computing Sidewinder Software 5.0.0 .0.01
  • Secure Computing Sidewinder Software 5.0.0 .0.02
  • Secure Computing Sidewinder Software 5.0.0 .0.03
  • Secure Computing Sidewinder Software 5.0.0 .0.04
  • Secure Computing Sidewinder Software 5.1.0
  • Secure Computing Sidewinder Software 5.1.0 .0.01
  • Secure Computing Sidewinder Software 5.1.0 .0.02
  • Secure Computing Sidewinder Software 5.1.0 .1
  • Secure Computing Sidewinder Software 5.1.0 .1.01
  • Secure Computing Sidewinder Software 5.2.0
  • Secure Computing Sidewinder Software 5.2.0 .0.01
  • Secure Computing Sidewinder Software 5.2.0 .0.02
  • Secure Computing Sidewinder Software 5.2.0 .0.03
  • Secure Computing Sidewinder Software 5.2.0 .0.04
  • Secure Computing Sidewinder Software 5.2.0 .1
  • Secure Computing Sidewinder Software 5.2.0 .1.02
  • Slackware Linux -Current
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 8.1.0
  • Slackware Linux 9.0.0
  • Slackware Linux 9.1.0
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE SUSE Linux Enterprise Desktop 10 SP1
  • SuSE SUSE Linux Enterprise Desktop 10 SP2
  • SuSE SUSE Linux Enterprise SDK 10 SP2
  • SuSE SUSE Linux Enterprise SDK 10.SP1
  • SuSE SUSE Linux Enterprise Server 10 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE openSUSE 10.2
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • Sun OpenSolaris
  • Sun OpenSolaris Build Snv 01
  • Sun OpenSolaris Build Snv 02
  • Sun OpenSolaris Build Snv 13
  • Sun OpenSolaris Build Snv 19
  • Sun OpenSolaris Build Snv 22
  • Sun OpenSolaris Build Snv 64
  • Sun OpenSolaris Build Snv 88
  • Sun OpenSolaris Build Snv 89
  • Sun OpenSolaris Build Snv 91
  • Sun OpenSolaris Build Snv 92
  • Sun OpenSolaris Build Snv 95
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 8 Sparc
  • Sun Solaris 8 X86
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 7.04 Amd64
  • Ubuntu Ubuntu Linux 7.04 I386
  • Ubuntu Ubuntu Linux 7.04 Powerpc
  • Ubuntu Ubuntu Linux 7.04 Sparc
  • Ubuntu Ubuntu Linux 7.10 Amd64
  • Ubuntu Ubuntu Linux 7.10 I386
  • Ubuntu Ubuntu Linux 7.10 Lpia
  • Ubuntu Ubuntu Linux 7.10 Powerpc
  • Ubuntu Ubuntu Linux 7.10 Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • VMWare ESX Server 2.5.4
  • VMWare ESX Server 2.5.5
  • VMWare ESX Server 3.0.1
  • VMWare ESX Server 3.0.2
  • VMWare ESX Server 3.0.3
  • VMWare ESX Server 3.5
  • Wind River Linux
  • Wind River Linux 3.1
  • Yamaha RT100i
  • Yamaha RT102i
  • Yamaha RT103i
  • Yamaha RT105e
  • Yamaha RT105i
  • Yamaha RT105p
  • Yamaha RT107e
  • Yamaha RT140e
  • Yamaha RT140f
  • Yamaha RT140i
  • Yamaha RT140p
  • Yamaha RT200i
  • Yamaha RT300i
  • Yamaha RT56v
  • Yamaha RT57i
  • Yamaha RT58i
  • Yamaha RT60w
  • Yamaha RT80i
  • Yamaha RTA50i
  • Yamaha RTA52i
  • Yamaha RTA54i
  • Yamaha RTA55i
  • Yamaha RTV01
  • Yamaha RTV700
  • Yamaha RTW65b
  • Yamaha RTW65i
  • Yamaha RTX1000
  • Yamaha RTX1100
  • Yamaha RTX1500
  • Yamaha RTX2000
  • Yamaha RTX3000
  • Yamaha SRT100
  • Yukihiro Matsumoto Ruby 1.8.0
  • Yukihiro Matsumoto Ruby 1.8.1
  • Yukihiro Matsumoto Ruby 1.8.2
  • Yukihiro Matsumoto Ruby 1.8.2 Pre1
  • Yukihiro Matsumoto Ruby 1.8.2 Pre2
  • Yukihiro Matsumoto Ruby 1.8.2 Pre3
  • Yukihiro Matsumoto Ruby 1.8.2 Pre4
  • Yukihiro Matsumoto Ruby 1.8.3
  • Yukihiro Matsumoto Ruby 1.8.4
  • Yukihiro Matsumoto Ruby 1.8.5
  • Yukihiro Matsumoto Ruby 1.8.5-P115
  • Yukihiro Matsumoto Ruby 1.8.5-P2
  • Yukihiro Matsumoto Ruby 1.8.5-P230
  • Yukihiro Matsumoto Ruby 1.8.5-P231
  • Yukihiro Matsumoto Ruby 1.8.6
  • Yukihiro Matsumoto Ruby 1.8.6-P114
  • Yukihiro Matsumoto Ruby 1.8.6-P229
  • Yukihiro Matsumoto Ruby 1.8.6-P230
  • Yukihiro Matsumoto Ruby 1.8.6-P286
  • Yukihiro Matsumoto Ruby 1.8.7
  • Yukihiro Matsumoto Ruby 1.8.7-P21
  • Yukihiro Matsumoto Ruby 1.8.7-P22
  • Yukihiro Matsumoto Ruby 1.8.7-P71
  • Yukihiro Matsumoto Ruby 1.9.0
  • Yukihiro Matsumoto Ruby 1.9.0 -2
  • Yukihiro Matsumoto Ruby 1.9.0-1
  • pdnsd pdnsd 1.2-Par
  • pdnsd pdnsd 1.2.1 -Par
  • pdnsd pdnsd 1.2.2 -Par
  • pdnsd pdnsd 1.2.3 -Par
  • pdnsd pdnsd 1.2.4 -Par
  • pdnsd pdnsd 1.2.6-Par
  • rPath Appliance Platform Linux Service 1
  • rPath Appliance Platform Linux Service 2
  • rPath rPath Linux 1
  • rPath rPath Linux 2

Recommendations

Block external access at the network boundary, unless external parties require service.

Ensure that only trusted hosts and networks can send DNS responses to affected computers.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.

Use NIDS to detect suspicious or anomalous network traffic. Monitor logs for signs of malicious activity.
The vendor has released an advisory along with fixes to address this issue. Please see the references for more information. NOTE: There are several reports that various firewall and security gateway applications are adversely affected by the changes associated with the fixes for this issue. Some vendors recommend removing the Microsoft patch associated with this issue. Users are advised to use extreme caution and to thoroughly evaluate the impact of removing the patch before doing so. UPDATE: Microsoft has released an updated advisory detailing known issues with their updates. UPDATE (August 1, 2008): Reports indicate that the Apple update for OS X 10.4.11 may not fully address this issue; Symantec has not confirmed this. Please see the references for more information.

Credits

Dan Kaminsky of IOActive

Copyright © Symantec Corporation.
Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Security Response. Reprinting the whole or part of this alert in any medium other than electronically requires permission from secure@symantec.com.

Disclaimer
The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Symantec, Symantec products, Symantec Security Response, and secure@symantec.com are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.