CVE-2008-1147
First published: Tue Mar 04 2008(Updated: )
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS and macOS | =10.0 | |
| Apple iOS and macOS | =10.0.1 | |
| Apple iOS and macOS | =10.0.2 | |
| Apple iOS and macOS | =10.0.3 | |
| Apple iOS and macOS | =10.0.4 | |
| Apple iOS and macOS | =10.1 | |
| Apple iOS and macOS | =10.1.1 | |
| Apple iOS and macOS | =10.1.2 | |
| Apple iOS and macOS | =10.1.3 | |
| Apple iOS and macOS | =10.1.4 | |
| Apple iOS and macOS | =10.1.5 | |
| Apple iOS and macOS | =10.2 | |
| Apple iOS and macOS | =10.2.1 | |
| Apple iOS and macOS | =10.2.2 | |
| Apple iOS and macOS | =10.2.3 | |
| Apple iOS and macOS | =10.2.4 | |
| Apple iOS and macOS | =10.2.5 | |
| Apple iOS and macOS | =10.2.6 | |
| Apple iOS and macOS | =10.2.7 | |
| Apple iOS and macOS | =10.2.8 | |
| Apple iOS and macOS | =10.3 | |
| Apple iOS and macOS | =10.3.1 | |
| Apple iOS and macOS | =10.3.2 | |
| Apple iOS and macOS | =10.3.3 | |
| Apple iOS and macOS | =10.3.4 | |
| Apple iOS and macOS | =10.3.5 | |
| Apple iOS and macOS | =10.3.6 | |
| Apple iOS and macOS | =10.3.7 | |
| Apple iOS and macOS | =10.3.8 | |
| Apple iOS and macOS | =10.3.9 | |
| Apple iOS and macOS | =10.4 | |
| Apple iOS and macOS | =10.4.1 | |
| Apple iOS and macOS | =10.4.2 | |
| Apple iOS and macOS | =10.4.3 | |
| Apple iOS and macOS | =10.4.4 | |
| Apple iOS and macOS | =10.4.5 | |
| Apple iOS and macOS | =10.4.6 | |
| Apple iOS and macOS | =10.4.7 | |
| Apple iOS and macOS | =10.4.8 | |
| Apple iOS and macOS | =10.4.9 | |
| Apple iOS and macOS | =10.4.10 | |
| Apple iOS and macOS | =10.4.11 | |
| Apple iOS and macOS | =10.5 | |
| Apple iOS and macOS | =10.5.1 | |
| Apple macOS Server | =10.0 | |
| Apple macOS Server | =10.1 | |
| Apple macOS Server | =10.1.1 | |
| Apple macOS Server | =10.1.2 | |
| Apple macOS Server | =10.1.3 | |
| Apple macOS Server | =10.1.4 | |
| Apple macOS Server | =10.1.5 | |
| Apple macOS Server | =10.2 | |
| Apple macOS Server | =10.2.1 | |
| Apple macOS Server | =10.2.2 | |
| Apple macOS Server | =10.2.3 | |
| Apple macOS Server | =10.2.4 | |
| Apple macOS Server | =10.2.5 | |
| Apple macOS Server | =10.2.6 | |
| Apple macOS Server | =10.2.7 | |
| Apple macOS Server | =10.2.8 | |
| Apple macOS Server | =10.3 | |
| Apple macOS Server | =10.3.1 | |
| Apple macOS Server | =10.3.2 | |
| Apple macOS Server | =10.3.3 | |
| Apple macOS Server | =10.3.4 | |
| Apple macOS Server | =10.3.5 | |
| Apple macOS Server | =10.3.6 | |
| Apple macOS Server | =10.3.7 | |
| Apple macOS Server | =10.3.8 | |
| Apple macOS Server | =10.3.9 | |
| Apple macOS Server | =10.4 | |
| Apple macOS Server | =10.4.1 | |
| Apple macOS Server | =10.4.2 | |
| Apple macOS Server | =10.4.3 | |
| Apple macOS Server | =10.4.4 | |
| Apple macOS Server | =10.4.5 | |
| Apple macOS Server | =10.4.6 | |
| Apple macOS Server | =10.4.7 | |
| Apple macOS Server | =10.4.8 | |
| Apple macOS Server | =10.4.9 | |
| Apple macOS Server | =10.4.10 | |
| Apple macOS Server | =10.4.11 | |
| Apple macOS Server | =10.5 | |
| DragonFlyBSD | =1.0 | |
| DragonFlyBSD | =1.1 | |
| DragonFlyBSD | =1.2 | |
| DragonFlyBSD | =1.10.1 | |
| FreeBSD FreeBSD | =4.4 | |
| FreeBSD FreeBSD | =4.4-release_p42 | |
| FreeBSD FreeBSD | =4.4-releng | |
| FreeBSD FreeBSD | =4.4-stable | |
| FreeBSD FreeBSD | =4.5 | |
| FreeBSD FreeBSD | =4.5-release | |
| FreeBSD FreeBSD | =4.5-release_p32 | |
| FreeBSD FreeBSD | =4.5-releng | |
| FreeBSD FreeBSD | =4.5-stable | |
| FreeBSD FreeBSD | =4.6 | |
| FreeBSD FreeBSD | =4.6-release | |
| FreeBSD FreeBSD | =4.6-release_p20 | |
| FreeBSD FreeBSD | =4.6-releng | |
| FreeBSD FreeBSD | =4.6-stable | |
| FreeBSD FreeBSD | =4.6.2 | |
| FreeBSD FreeBSD | =4.7 | |
| FreeBSD FreeBSD | =4.7-release | |
| FreeBSD FreeBSD | =4.7-release_p17 | |
| FreeBSD FreeBSD | =4.7-releng | |
| FreeBSD FreeBSD | =4.7-stable | |
| FreeBSD FreeBSD | =4.8 | |
| FreeBSD FreeBSD | =4.8-release_p7 | |
| FreeBSD FreeBSD | =4.8-releng | |
| FreeBSD FreeBSD | =4.8_prerelease | |
| FreeBSD FreeBSD | =4.9 | |
| FreeBSD FreeBSD | =4.9-releng | |
| FreeBSD FreeBSD | =4.9_prerelease | |
| FreeBSD FreeBSD | =4.10 | |
| FreeBSD FreeBSD | =4.10-release | |
| FreeBSD FreeBSD | =4.10-release_p8 | |
| FreeBSD FreeBSD | =4.10-releng | |
| FreeBSD FreeBSD | =4.10_prerelease | |
| FreeBSD FreeBSD | =4.11-release_p3 | |
| FreeBSD FreeBSD | =4.11-releng | |
| FreeBSD FreeBSD | =4.11-stable | |
| FreeBSD FreeBSD | =4.11_p20_release | |
| FreeBSD FreeBSD | =4.11_release | |
| FreeBSD FreeBSD | =5.0 | |
| FreeBSD FreeBSD | =5.0-alpha | |
| FreeBSD FreeBSD | =5.0-release_p14 | |
| FreeBSD FreeBSD | =5.0-releng | |
| FreeBSD FreeBSD | =5.1 | |
| FreeBSD FreeBSD | =5.1-alpha | |
| FreeBSD FreeBSD | =5.1-release | |
| FreeBSD FreeBSD | =5.1-release_p5 | |
| FreeBSD FreeBSD | =5.1-releng | |
| FreeBSD FreeBSD | =5.2 | |
| FreeBSD FreeBSD | =5.2.1-release | |
| FreeBSD FreeBSD | =5.2.1-releng | |
| FreeBSD FreeBSD | =5.3 | |
| FreeBSD FreeBSD | =5.3-release | |
| FreeBSD FreeBSD | =5.3-releng | |
| FreeBSD FreeBSD | =5.3-stable | |
| FreeBSD FreeBSD | =5.4-release | |
| FreeBSD FreeBSD | =5.4-releng | |
| FreeBSD FreeBSD | =5.4-stable | |
| FreeBSD FreeBSD | =5.5_release | |
| FreeBSD FreeBSD | =5.5_stable | |
| FreeBSD FreeBSD | =6.0 | |
| FreeBSD FreeBSD | =6.0-release | |
| FreeBSD FreeBSD | =6.0-stable | |
| FreeBSD FreeBSD | =6.0_p5_release | |
| FreeBSD FreeBSD | =6.1 | |
| FreeBSD FreeBSD | =6.1-release | |
| FreeBSD FreeBSD | =6.1-release_p10 | |
| FreeBSD FreeBSD | =6.1-stable | |
| FreeBSD FreeBSD | =6.2 | |
| FreeBSD FreeBSD | =6.2-stable | |
| FreeBSD FreeBSD | =6.2_releng | |
| FreeBSD FreeBSD | =6.3 | |
| FreeBSD FreeBSD | =6.3_releng | |
| FreeBSD FreeBSD | =7.0-pre-release | |
| FreeBSD FreeBSD | =7.0_beta4 | |
| FreeBSD FreeBSD | =7.0_releng | |
| NetBSD NetBSD | =1.6.2 | |
| NetBSD NetBSD | =2.0 | |
| NetBSD NetBSD | =2.0.1 | |
| NetBSD NetBSD | =2.0.2 | |
| NetBSD NetBSD | =2.0.3 | |
| NetBSD NetBSD | =2.0.4 | |
| NetBSD NetBSD | =2.1 | |
| NetBSD NetBSD | =2.1.1 | |
| NetBSD NetBSD | =3.0.1 | |
| NetBSD NetBSD | =3.0.2 | |
| NetBSD NetBSD | =3.1 | |
| NetBSD NetBSD | =3.1-rc1 | |
| NetBSD NetBSD | =3.1-rc3 | |
| NetBSD NetBSD | =4.0 | |
| NetBSD NetBSD | =4.0-beta | |
| NetBSD NetBSD | =4.0-beta2 | |
| OpenBSD | =2.6 | |
| OpenBSD | =2.7 | |
| OpenBSD | =2.8 | |
| OpenBSD | =2.9 | |
| OpenBSD | =3.0 | |
| OpenBSD | =3.1 | |
| OpenBSD | =3.2 | |
| OpenBSD | =3.3 | |
| OpenBSD | =3.4 | |
| OpenBSD | =3.5 | |
| OpenBSD | =3.6 | |
| OpenBSD | =3.7 | |
| OpenBSD | =3.8 | |
| OpenBSD | =3.9 | |
| OpenBSD | =4.0 | |
| OpenBSD | =4.1 | |
| OpenBSD | =4.2 | |
| Cosmicperl Directory Pro | =10.0.3 | |
| Darwin | =1.0 | |
| Darwin | =9.1 | |
| Navision Financials Server | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
- http://www.securiteam.com/securityreviews/5PP0H0UNGW.html
- http://www.securityfocus.com/archive/1/487658
- http://seclists.org/bugtraq/2008/Feb/0052.html
- http://seclists.org/bugtraq/2008/Feb/0063.html
- http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10;contenttype=
- http://www.securityfocus.com/bid/27647
- http://secunia.com/advisories/28819
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41155
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40329
- http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype=
Frequently Asked Questions
What is the severity of CVE-2008-1147?
CVE-2008-1147 is categorized as a medium severity vulnerability due to its potential to allow remote attackers to predict sensitive random values.
How do I fix CVE-2008-1147?
To mitigate CVE-2008-1147, ensure you are using an updated version of the affected operating systems that have patched the vulnerability.
What operating systems are affected by CVE-2008-1147?
CVE-2008-1147 affects OpenBSD versions 2.6 through 3.4, Mac OS X versions 10 through 10.5.1, FreeBSD versions 4.4 through 7.0, and DragonFlyBSD versions 1.0 through 1.10.1.
What type of vulnerability is CVE-2008-1147?
CVE-2008-1147 is a vulnerability in a pseudo-random number generator (PRNG) that can lead to predictable outputs.
Can CVE-2008-1147 be exploited remotely?
Yes, CVE-2008-1147 can be exploited remotely by attackers who can guess sensitive values derived from the predictable random outputs.
- collector/nvd-historical
- agent/author
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple ios and macos
- version/apple ios and macos/10.0
- version/apple ios and macos/10.0.1
- version/apple ios and macos/10.0.2
- version/apple ios and macos/10.0.3
- version/apple ios and macos/10.0.4
- version/apple ios and macos/10.1
- version/apple ios and macos/10.1.1
- version/apple ios and macos/10.1.2
- version/apple ios and macos/10.1.3
- version/apple ios and macos/10.1.4
- version/apple ios and macos/10.1.5
- version/apple ios and macos/10.2
- version/apple ios and macos/10.2.1
- version/apple ios and macos/10.2.2
- version/apple ios and macos/10.2.3
- version/apple ios and macos/10.2.4
- version/apple ios and macos/10.2.5
- version/apple ios and macos/10.2.6
- version/apple ios and macos/10.2.7
- version/apple ios and macos/10.2.8
- version/apple ios and macos/10.3
- version/apple ios and macos/10.3.1
- version/apple ios and macos/10.3.2
- version/apple ios and macos/10.3.3
- version/apple ios and macos/10.3.4
- version/apple ios and macos/10.3.5
- version/apple ios and macos/10.3.6
- version/apple ios and macos/10.3.7
- version/apple ios and macos/10.3.8
- version/apple ios and macos/10.3.9
- version/apple ios and macos/10.4
- version/apple ios and macos/10.4.1
- version/apple ios and macos/10.4.2
- version/apple ios and macos/10.4.3
- version/apple ios and macos/10.4.4
- version/apple ios and macos/10.4.5
- version/apple ios and macos/10.4.6
- version/apple ios and macos/10.4.7
- version/apple ios and macos/10.4.8
- version/apple ios and macos/10.4.9
- version/apple ios and macos/10.4.10
- version/apple ios and macos/10.4.11
- version/apple ios and macos/10.5
- version/apple ios and macos/10.5.1
- canonical/apple macos server
- version/apple macos server/10.0
- version/apple macos server/10.1
- version/apple macos server/10.1.1
- version/apple macos server/10.1.2
- version/apple macos server/10.1.3
- version/apple macos server/10.1.4
- version/apple macos server/10.1.5
- version/apple macos server/10.2
- version/apple macos server/10.2.1
- version/apple macos server/10.2.2
- version/apple macos server/10.2.3
- version/apple macos server/10.2.4
- version/apple macos server/10.2.5
- version/apple macos server/10.2.6
- version/apple macos server/10.2.7
- version/apple macos server/10.2.8
- version/apple macos server/10.3
- version/apple macos server/10.3.1
- version/apple macos server/10.3.2
- version/apple macos server/10.3.3
- version/apple macos server/10.3.4
- version/apple macos server/10.3.5
- version/apple macos server/10.3.6
- version/apple macos server/10.3.7
- version/apple macos server/10.3.8
- version/apple macos server/10.3.9
- version/apple macos server/10.4
- version/apple macos server/10.4.1
- version/apple macos server/10.4.2
- version/apple macos server/10.4.3
- version/apple macos server/10.4.4
- version/apple macos server/10.4.5
- version/apple macos server/10.4.6
- version/apple macos server/10.4.7
- version/apple macos server/10.4.8
- version/apple macos server/10.4.9
- version/apple macos server/10.4.10
- version/apple macos server/10.4.11
- version/apple macos server/10.5
- vendor/dragonflybsd
- canonical/dragonflybsd
- version/dragonflybsd/1.0
- version/dragonflybsd/1.1
- version/dragonflybsd/1.2
- version/dragonflybsd/1.10.1
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/4.4
- version/freebsd freebsd/4.4-release_p42
- version/freebsd freebsd/4.4-releng
- version/freebsd freebsd/4.4-stable
- version/freebsd freebsd/4.5
- version/freebsd freebsd/4.5-release
- version/freebsd freebsd/4.5-release_p32
- version/freebsd freebsd/4.5-releng
- version/freebsd freebsd/4.5-stable
- version/freebsd freebsd/4.6
- version/freebsd freebsd/4.6-release
- version/freebsd freebsd/4.6-release_p20
- version/freebsd freebsd/4.6-releng
- version/freebsd freebsd/4.6-stable
- version/freebsd freebsd/4.6.2
- version/freebsd freebsd/4.7
- version/freebsd freebsd/4.7-release
- version/freebsd freebsd/4.7-release_p17
- version/freebsd freebsd/4.7-releng
- version/freebsd freebsd/4.7-stable
- version/freebsd freebsd/4.8
- version/freebsd freebsd/4.8-release_p7
- version/freebsd freebsd/4.8-releng
- version/freebsd freebsd/4.8_prerelease
- version/freebsd freebsd/4.9
- version/freebsd freebsd/4.9-releng
- version/freebsd freebsd/4.9_prerelease
- version/freebsd freebsd/4.10
- version/freebsd freebsd/4.10-release
- version/freebsd freebsd/4.10-release_p8
- version/freebsd freebsd/4.10-releng
- version/freebsd freebsd/4.10_prerelease
- version/freebsd freebsd/4.11-release_p3
- version/freebsd freebsd/4.11-releng
- version/freebsd freebsd/4.11-stable
- version/freebsd freebsd/4.11_p20_release
- version/freebsd freebsd/4.11_release
- version/freebsd freebsd/5.0
- version/freebsd freebsd/5.0-alpha
- version/freebsd freebsd/5.0-release_p14
- version/freebsd freebsd/5.0-releng
- version/freebsd freebsd/5.1
- version/freebsd freebsd/5.1-alpha
- version/freebsd freebsd/5.1-release
- version/freebsd freebsd/5.1-release_p5
- version/freebsd freebsd/5.1-releng
- version/freebsd freebsd/5.2
- version/freebsd freebsd/5.2.1-release
- version/freebsd freebsd/5.2.1-releng
- version/freebsd freebsd/5.3
- version/freebsd freebsd/5.3-release
- version/freebsd freebsd/5.3-releng
- version/freebsd freebsd/5.3-stable
- version/freebsd freebsd/5.4-release
- version/freebsd freebsd/5.4-releng
- version/freebsd freebsd/5.4-stable
- version/freebsd freebsd/5.5_release
- version/freebsd freebsd/5.5_stable
- version/freebsd freebsd/6.0
- version/freebsd freebsd/6.0-release
- version/freebsd freebsd/6.0-stable
- version/freebsd freebsd/6.0_p5_release
- version/freebsd freebsd/6.1
- version/freebsd freebsd/6.1-release
- version/freebsd freebsd/6.1-release_p10
- version/freebsd freebsd/6.1-stable
- version/freebsd freebsd/6.2
- version/freebsd freebsd/6.2-stable
- version/freebsd freebsd/6.2_releng
- version/freebsd freebsd/6.3
- version/freebsd freebsd/6.3_releng
- version/freebsd freebsd/7.0-pre-release
- version/freebsd freebsd/7.0_beta4
- version/freebsd freebsd/7.0_releng
- vendor/netbsd
- canonical/netbsd netbsd
- version/netbsd netbsd/1.6.2
- version/netbsd netbsd/2.0
- version/netbsd netbsd/2.0.1
- version/netbsd netbsd/2.0.2
- version/netbsd netbsd/2.0.3
- version/netbsd netbsd/2.0.4
- version/netbsd netbsd/2.1
- version/netbsd netbsd/2.1.1
- version/netbsd netbsd/3.0.1
- version/netbsd netbsd/3.0.2
- version/netbsd netbsd/3.1
- version/netbsd netbsd/3.1-rc1
- version/netbsd netbsd/3.1-rc3
- version/netbsd netbsd/4.0
- version/netbsd netbsd/4.0-beta
- version/netbsd netbsd/4.0-beta2
- vendor/openbsd
- canonical/openbsd
- version/openbsd/2.6
- version/openbsd/2.7
- version/openbsd/2.8
- version/openbsd/2.9
- version/openbsd/3.0
- version/openbsd/3.1
- version/openbsd/3.2
- version/openbsd/3.3
- version/openbsd/3.4
- version/openbsd/3.5
- version/openbsd/3.6
- version/openbsd/3.7
- version/openbsd/3.8
- version/openbsd/3.9
- version/openbsd/4.0
- version/openbsd/4.1
- version/openbsd/4.2
- vendor/cosmicperl
- canonical/cosmicperl directory pro
- version/cosmicperl directory pro/10.0.3
- vendor/darwin
- canonical/darwin
- version/darwin/1.0
- version/darwin/9.1
- vendor/navision
- canonical/navision financials server
- version/navision financials server/3.0