Unrated severityNVD Advisory· Published Jul 24, 2007· Updated Jun 16, 2026
CVE-2007-2926
CVE-2007-2926
Description
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*
- (no CPE)range: 9 through 9.5.0a5
Patches
Vulnerability mechanics
References
67- secunia.com/advisories/26152nvdVendor Advisory
- www.kb.cert.org/vuls/id/252735nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA07-319A.htmlnvdUS Government Resource
- aix.software.ibm.com/aix/efixes/security/READMEnvd
- patches.sgi.com/support/free/security/advisories/20070801-01-P.ascnvd
- docs.info.apple.com/article.htmlnvd
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvd
- lists.apple.com/archives/security-announce/2007/Nov/msg00002.htmlnvd
- marc.infonvd
- secunia.com/advisories/26148nvd
- secunia.com/advisories/26160nvd
- secunia.com/advisories/26180nvd
- secunia.com/advisories/26195nvd
- secunia.com/advisories/26217nvd
- secunia.com/advisories/26227nvd
- secunia.com/advisories/26231nvd
- secunia.com/advisories/26236nvd
- secunia.com/advisories/26261nvd
- secunia.com/advisories/26308nvd
- secunia.com/advisories/26330nvd
- secunia.com/advisories/26509nvd
- secunia.com/advisories/26515nvd
- secunia.com/advisories/26531nvd
- secunia.com/advisories/26605nvd
- secunia.com/advisories/26607nvd
- secunia.com/advisories/26847nvd
- secunia.com/advisories/26925nvd
- secunia.com/advisories/27643nvd
- security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.ascnvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2007-389.htmnvd
- support.nortel.com/go/main.jspnvd
- www-1.ibm.com/support/search.wssnvd
- www-1.ibm.com/support/search.wssnvd
- www.debian.org/security/2007/dsa-1341nvd
- www.gentoo.org/security/en/glsa/glsa-200708-13.xmlnvd
- www.isc.org/index.plnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2007_47_bind.htmlnvd
- www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.htmlnvd
- www.redhat.com/support/errata/RHSA-2007-0740.htmlnvd
- www.securiteam.com/securitynews/5VP0L0UM0A.htmlnvd
- www.securityfocus.com/archive/1/474516/100/0/threadednvd
- www.securityfocus.com/archive/1/474545/100/0/threadednvd
- www.securityfocus.com/archive/1/474808/100/0/threadednvd
- www.securityfocus.com/archive/1/474856/100/0/threadednvd
- www.securityfocus.com/bid/25037nvd
- www.securityfocus.com/bid/26444nvd
- www.securitytracker.com/idnvd
- www.slackware.org/security/viewer.phpnvd
- www.trusteer.com/docs/bind9dns.htmlnvd
- www.trusteer.com/docs/bind9dns_s.htmlnvd
- www.trustix.org/errata/2007/0023/nvd
- www.ubuntu.com/usn/usn-491-1nvd
- www.vupen.com/english/advisories/2007/2627nvd
- www.vupen.com/english/advisories/2007/2662nvd
- www.vupen.com/english/advisories/2007/2782nvd
- www.vupen.com/english/advisories/2007/2914nvd
- www.vupen.com/english/advisories/2007/2932nvd
- www.vupen.com/english/advisories/2007/3242nvd
- www.vupen.com/english/advisories/2007/3868nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/35575nvd
- issues.rpath.com/browse/RPL-1587nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226nvd
News mentions
0No linked articles in our index yet.