Cache poisoning due to weak PRNG
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use.
This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
Problem Types
| Type | CWE ID | Description |
|---|---|---|
| CWE | CWE-341 | CWE-341 Predictable from Observable State |
Metrics
| Version | Base score | Base severity | Vector |
|---|---|---|---|
| 3.1 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
Impacts
| CAPEC ID | Description |
|---|---|
| N/A | BIND can be tricked into caching attacker responses, if the spoofing is successful. |