CVE-2007-2926
bind9 - DNS cache poisoning vulnerability
EPSS 20.6%
Description
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
How to fix CVE-2007-2926
To remediate CVE-2007-2926, upgrade the affected package to one of the fixed versions listed below.
- Debian/bind9: upgrade to 1:9.4.1-P1-1 or later
- Debian/bind9: upgrade to 1:9.3.4-2etch1 or later
Is CVE-2007-2926 being exploited?
Moderate — EPSS is 20.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- Debian/bind9: from 0, < 1:9.4.1-P1-1
- Debian/bind9: from 0, < 1:9.3.4-2etch1