CVE-2008-1148
First published: Tue Mar 04 2008(Updated: )
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Mac OS X | =10.0 | |
| Apple Mac OS X | =10.0.1 | |
| Apple Mac OS X | =10.0.2 | |
| Apple Mac OS X | =10.0.3 | |
| Apple Mac OS X | =10.0.4 | |
| Apple Mac OS X | =10.1 | |
| Apple Mac OS X | =10.1.1 | |
| Apple Mac OS X | =10.1.2 | |
| Apple Mac OS X | =10.1.3 | |
| Apple Mac OS X | =10.1.4 | |
| Apple Mac OS X | =10.1.5 | |
| Apple Mac OS X | =10.2 | |
| Apple Mac OS X | =10.2.1 | |
| Apple Mac OS X | =10.2.2 | |
| Apple Mac OS X | =10.2.3 | |
| Apple Mac OS X | =10.2.4 | |
| Apple Mac OS X | =10.2.5 | |
| Apple Mac OS X | =10.2.6 | |
| Apple Mac OS X | =10.2.7 | |
| Apple Mac OS X | =10.2.8 | |
| Apple Mac OS X | =10.3 | |
| Apple Mac OS X | =10.3.1 | |
| Apple Mac OS X | =10.3.2 | |
| Apple Mac OS X | =10.3.3 | |
| Apple Mac OS X | =10.3.4 | |
| Apple Mac OS X | =10.3.5 | |
| Apple Mac OS X | =10.3.6 | |
| Apple Mac OS X | =10.3.7 | |
| Apple Mac OS X | =10.3.8 | |
| Apple Mac OS X | =10.3.9 | |
| Apple Mac OS X | =10.4 | |
| Apple Mac OS X | =10.4.1 | |
| Apple Mac OS X | =10.4.2 | |
| Apple Mac OS X | =10.4.3 | |
| Apple Mac OS X | =10.4.4 | |
| Apple Mac OS X | =10.4.5 | |
| Apple Mac OS X | =10.4.6 | |
| Apple Mac OS X | =10.4.7 | |
| Apple Mac OS X | =10.4.8 | |
| Apple Mac OS X | =10.4.9 | |
| Apple Mac OS X | =10.4.10 | |
| Apple Mac OS X | =10.4.11 | |
| Apple Mac OS X | =10.5 | |
| Apple Mac OS X | =10.5.1 | |
| Apple Mac OS X Server | =10.0 | |
| Apple Mac OS X Server | =10.1 | |
| Apple Mac OS X Server | =10.1.1 | |
| Apple Mac OS X Server | =10.1.2 | |
| Apple Mac OS X Server | =10.1.3 | |
| Apple Mac OS X Server | =10.1.4 | |
| Apple Mac OS X Server | =10.1.5 | |
| Apple Mac OS X Server | =10.2 | |
| Apple Mac OS X Server | =10.2.1 | |
| Apple Mac OS X Server | =10.2.2 | |
| Apple Mac OS X Server | =10.2.3 | |
| Apple Mac OS X Server | =10.2.4 | |
| Apple Mac OS X Server | =10.2.5 | |
| Apple Mac OS X Server | =10.2.6 | |
| Apple Mac OS X Server | =10.2.7 | |
| Apple Mac OS X Server | =10.2.8 | |
| Apple Mac OS X Server | =10.3 | |
| Apple Mac OS X Server | =10.3.1 | |
| Apple Mac OS X Server | =10.3.2 | |
| Apple Mac OS X Server | =10.3.3 | |
| Apple Mac OS X Server | =10.3.4 | |
| Apple Mac OS X Server | =10.3.5 | |
| Apple Mac OS X Server | =10.3.6 | |
| Apple Mac OS X Server | =10.3.7 | |
| Apple Mac OS X Server | =10.3.8 | |
| Apple Mac OS X Server | =10.3.9 | |
| Apple Mac OS X Server | =10.4 | |
| Apple Mac OS X Server | =10.4.1 | |
| Apple Mac OS X Server | =10.4.2 | |
| Apple Mac OS X Server | =10.4.3 | |
| Apple Mac OS X Server | =10.4.4 | |
| Apple Mac OS X Server | =10.4.5 | |
| Apple Mac OS X Server | =10.4.6 | |
| Apple Mac OS X Server | =10.4.7 | |
| Apple Mac OS X Server | =10.4.8 | |
| Apple Mac OS X Server | =10.4.9 | |
| Apple Mac OS X Server | =10.4.10 | |
| Apple Mac OS X Server | =10.4.11 | |
| Apple Mac OS X Server | =10.5 | |
| Dragonflybsd Dragonflybsd | =1.0 | |
| Dragonflybsd Dragonflybsd | =1.1 | |
| Dragonflybsd Dragonflybsd | =1.2 | |
| Dragonflybsd Dragonflybsd | =1.10.1 | |
| FreeBSD FreeBSD | =4.4 | |
| FreeBSD FreeBSD | =4.4-release_p42 | |
| FreeBSD FreeBSD | =4.4-releng | |
| FreeBSD FreeBSD | =4.4-stable | |
| FreeBSD FreeBSD | =4.5 | |
| FreeBSD FreeBSD | =4.5-release | |
| FreeBSD FreeBSD | =4.5-release_p32 | |
| FreeBSD FreeBSD | =4.5-releng | |
| FreeBSD FreeBSD | =4.5-stable | |
| FreeBSD FreeBSD | =4.6 | |
| FreeBSD FreeBSD | =4.6-release | |
| FreeBSD FreeBSD | =4.6-release_p20 | |
| FreeBSD FreeBSD | =4.6-releng | |
| FreeBSD FreeBSD | =4.6-stable | |
| FreeBSD FreeBSD | =4.6.2 | |
| FreeBSD FreeBSD | =4.7 | |
| FreeBSD FreeBSD | =4.7-release | |
| FreeBSD FreeBSD | =4.7-release_p17 | |
| FreeBSD FreeBSD | =4.7-releng | |
| FreeBSD FreeBSD | =4.7-stable | |
| FreeBSD FreeBSD | =4.8 | |
| FreeBSD FreeBSD | =4.8-release_p7 | |
| FreeBSD FreeBSD | =4.8-releng | |
| FreeBSD FreeBSD | =4.8_prerelease | |
| FreeBSD FreeBSD | =4.9 | |
| FreeBSD FreeBSD | =4.9-releng | |
| FreeBSD FreeBSD | =4.9_prerelease | |
| FreeBSD FreeBSD | =4.10 | |
| FreeBSD FreeBSD | =4.10-release | |
| FreeBSD FreeBSD | =4.10-release_p8 | |
| FreeBSD FreeBSD | =4.10-releng | |
| FreeBSD FreeBSD | =4.10_prerelease | |
| FreeBSD FreeBSD | =4.11-release_p3 | |
| FreeBSD FreeBSD | =4.11-releng | |
| FreeBSD FreeBSD | =4.11-stable | |
| FreeBSD FreeBSD | =4.11_p20_release | |
| FreeBSD FreeBSD | =4.11_release | |
| FreeBSD FreeBSD | =5.0 | |
| FreeBSD FreeBSD | =5.0-alpha | |
| FreeBSD FreeBSD | =5.0-release_p14 | |
| FreeBSD FreeBSD | =5.0-releng | |
| FreeBSD FreeBSD | =5.1 | |
| FreeBSD FreeBSD | =5.1-alpha | |
| FreeBSD FreeBSD | =5.1-release | |
| FreeBSD FreeBSD | =5.1-release_p5 | |
| FreeBSD FreeBSD | =5.1-releng | |
| FreeBSD FreeBSD | =5.2 | |
| FreeBSD FreeBSD | =5.2.1-release | |
| FreeBSD FreeBSD | =5.2.1-releng | |
| FreeBSD FreeBSD | =5.3 | |
| FreeBSD FreeBSD | =5.3-release | |
| FreeBSD FreeBSD | =5.3-releng | |
| FreeBSD FreeBSD | =5.3-stable | |
| FreeBSD FreeBSD | =5.4-release | |
| FreeBSD FreeBSD | =5.4-releng | |
| FreeBSD FreeBSD | =5.4-stable | |
| FreeBSD FreeBSD | =5.5_release | |
| FreeBSD FreeBSD | =5.5_stable | |
| FreeBSD FreeBSD | =6.0 | |
| FreeBSD FreeBSD | =6.0-release | |
| FreeBSD FreeBSD | =6.0-stable | |
| FreeBSD FreeBSD | =6.0_p5_release | |
| FreeBSD FreeBSD | =6.1 | |
| FreeBSD FreeBSD | =6.1-release | |
| FreeBSD FreeBSD | =6.1-release_p10 | |
| FreeBSD FreeBSD | =6.1-stable | |
| FreeBSD FreeBSD | =6.2 | |
| FreeBSD FreeBSD | =6.2-stable | |
| FreeBSD FreeBSD | =6.2_releng | |
| FreeBSD FreeBSD | =6.3 | |
| FreeBSD FreeBSD | =6.3_releng | |
| FreeBSD FreeBSD | =7.0-pre-release | |
| FreeBSD FreeBSD | =7.0_beta4 | |
| FreeBSD FreeBSD | =7.0_releng | |
| NetBSD NetBSD | =1.6.2 | |
| NetBSD NetBSD | =2.0 | |
| NetBSD NetBSD | =2.0.1 | |
| NetBSD NetBSD | =2.0.2 | |
| NetBSD NetBSD | =2.0.3 | |
| NetBSD NetBSD | =2.0.4 | |
| NetBSD NetBSD | =2.1 | |
| NetBSD NetBSD | =2.1.1 | |
| NetBSD NetBSD | =3.0.1 | |
| NetBSD NetBSD | =3.0.2 | |
| NetBSD NetBSD | =3.1 | |
| NetBSD NetBSD | =3.1-rc1 | |
| NetBSD NetBSD | =3.1-rc3 | |
| NetBSD NetBSD | =4.0 | |
| NetBSD NetBSD | =4.0-beta | |
| NetBSD NetBSD | =4.0-beta2 | |
| Openbsd Openbsd | =2.6 | |
| Openbsd Openbsd | =2.7 | |
| Openbsd Openbsd | =2.8 | |
| Openbsd Openbsd | =2.9 | |
| Openbsd Openbsd | =3.0 | |
| Openbsd Openbsd | =3.1 | |
| Openbsd Openbsd | =3.2 | |
| Openbsd Openbsd | =3.3 | |
| Openbsd Openbsd | =3.4 | |
| Openbsd Openbsd | =3.5 | |
| Openbsd Openbsd | =3.6 | |
| Openbsd Openbsd | =3.7 | |
| Openbsd Openbsd | =3.8 | |
| Openbsd Openbsd | =3.9 | |
| Openbsd Openbsd | =4.0 | |
| Openbsd Openbsd | =4.1 | |
| Openbsd Openbsd | =4.2 | |
| Cosmicperl Directory Pro | =10.0.3 | |
| Darwin Darwin | =1.0 | |
| Darwin Darwin | =9.1 | |
| Navision Financials Server | =3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
- http://www.securiteam.com/securityreviews/5PP0H0UNGW.html
- http://www.securityfocus.com/archive/1/487658
- http://www.securityfocus.com/bid/27647
- http://secunia.com/advisories/28819
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41157
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40329
- collector/nvd-historical
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple mac os x
- version/apple mac os x/10.0
- version/apple mac os x/10.0.1
- version/apple mac os x/10.0.2
- version/apple mac os x/10.0.3
- version/apple mac os x/10.0.4
- version/apple mac os x/10.1
- version/apple mac os x/10.1.1
- version/apple mac os x/10.1.2
- version/apple mac os x/10.1.3
- version/apple mac os x/10.1.4
- version/apple mac os x/10.1.5
- version/apple mac os x/10.2
- version/apple mac os x/10.2.1
- version/apple mac os x/10.2.2
- version/apple mac os x/10.2.3
- version/apple mac os x/10.2.4
- version/apple mac os x/10.2.5
- version/apple mac os x/10.2.6
- version/apple mac os x/10.2.7
- version/apple mac os x/10.2.8
- version/apple mac os x/10.3
- version/apple mac os x/10.3.1
- version/apple mac os x/10.3.2
- version/apple mac os x/10.3.3
- version/apple mac os x/10.3.4
- version/apple mac os x/10.3.5
- version/apple mac os x/10.3.6
- version/apple mac os x/10.3.7
- version/apple mac os x/10.3.8
- version/apple mac os x/10.3.9
- version/apple mac os x/10.4
- version/apple mac os x/10.4.1
- version/apple mac os x/10.4.2
- version/apple mac os x/10.4.3
- version/apple mac os x/10.4.4
- version/apple mac os x/10.4.5
- version/apple mac os x/10.4.6
- version/apple mac os x/10.4.7
- version/apple mac os x/10.4.8
- version/apple mac os x/10.4.9
- version/apple mac os x/10.4.10
- version/apple mac os x/10.4.11
- version/apple mac os x/10.5
- version/apple mac os x/10.5.1
- canonical/apple mac os x server
- version/apple mac os x server/10.0
- version/apple mac os x server/10.1
- version/apple mac os x server/10.1.1
- version/apple mac os x server/10.1.2
- version/apple mac os x server/10.1.3
- version/apple mac os x server/10.1.4
- version/apple mac os x server/10.1.5
- version/apple mac os x server/10.2
- version/apple mac os x server/10.2.1
- version/apple mac os x server/10.2.2
- version/apple mac os x server/10.2.3
- version/apple mac os x server/10.2.4
- version/apple mac os x server/10.2.5
- version/apple mac os x server/10.2.6
- version/apple mac os x server/10.2.7
- version/apple mac os x server/10.2.8
- version/apple mac os x server/10.3
- version/apple mac os x server/10.3.1
- version/apple mac os x server/10.3.2
- version/apple mac os x server/10.3.3
- version/apple mac os x server/10.3.4
- version/apple mac os x server/10.3.5
- version/apple mac os x server/10.3.6
- version/apple mac os x server/10.3.7
- version/apple mac os x server/10.3.8
- version/apple mac os x server/10.3.9
- version/apple mac os x server/10.4
- version/apple mac os x server/10.4.1
- version/apple mac os x server/10.4.2
- version/apple mac os x server/10.4.3
- version/apple mac os x server/10.4.4
- version/apple mac os x server/10.4.5
- version/apple mac os x server/10.4.6
- version/apple mac os x server/10.4.7
- version/apple mac os x server/10.4.8
- version/apple mac os x server/10.4.9
- version/apple mac os x server/10.4.10
- version/apple mac os x server/10.4.11
- version/apple mac os x server/10.5
- vendor/dragonflybsd
- canonical/dragonflybsd dragonflybsd
- version/dragonflybsd dragonflybsd/1.0
- version/dragonflybsd dragonflybsd/1.1
- version/dragonflybsd dragonflybsd/1.2
- version/dragonflybsd dragonflybsd/1.10.1
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/4.4
- version/freebsd freebsd/4.4-release_p42
- version/freebsd freebsd/4.4-releng
- version/freebsd freebsd/4.4-stable
- version/freebsd freebsd/4.5
- version/freebsd freebsd/4.5-release
- version/freebsd freebsd/4.5-release_p32
- version/freebsd freebsd/4.5-releng
- version/freebsd freebsd/4.5-stable
- version/freebsd freebsd/4.6
- version/freebsd freebsd/4.6-release
- version/freebsd freebsd/4.6-release_p20
- version/freebsd freebsd/4.6-releng
- version/freebsd freebsd/4.6-stable
- version/freebsd freebsd/4.6.2
- version/freebsd freebsd/4.7
- version/freebsd freebsd/4.7-release
- version/freebsd freebsd/4.7-release_p17
- version/freebsd freebsd/4.7-releng
- version/freebsd freebsd/4.7-stable
- version/freebsd freebsd/4.8
- version/freebsd freebsd/4.8-release_p7
- version/freebsd freebsd/4.8-releng
- version/freebsd freebsd/4.8_prerelease
- version/freebsd freebsd/4.9
- version/freebsd freebsd/4.9-releng
- version/freebsd freebsd/4.9_prerelease
- version/freebsd freebsd/4.10
- version/freebsd freebsd/4.10-release
- version/freebsd freebsd/4.10-release_p8
- version/freebsd freebsd/4.10-releng
- version/freebsd freebsd/4.10_prerelease
- version/freebsd freebsd/4.11-release_p3
- version/freebsd freebsd/4.11-releng
- version/freebsd freebsd/4.11-stable
- version/freebsd freebsd/4.11_p20_release
- version/freebsd freebsd/4.11_release
- version/freebsd freebsd/5.0
- version/freebsd freebsd/5.0-alpha
- version/freebsd freebsd/5.0-release_p14
- version/freebsd freebsd/5.0-releng
- version/freebsd freebsd/5.1
- version/freebsd freebsd/5.1-alpha
- version/freebsd freebsd/5.1-release
- version/freebsd freebsd/5.1-release_p5
- version/freebsd freebsd/5.1-releng
- version/freebsd freebsd/5.2
- version/freebsd freebsd/5.2.1-release
- version/freebsd freebsd/5.2.1-releng
- version/freebsd freebsd/5.3
- version/freebsd freebsd/5.3-release
- version/freebsd freebsd/5.3-releng
- version/freebsd freebsd/5.3-stable
- version/freebsd freebsd/5.4-release
- version/freebsd freebsd/5.4-releng
- version/freebsd freebsd/5.4-stable
- version/freebsd freebsd/5.5_release
- version/freebsd freebsd/5.5_stable
- version/freebsd freebsd/6.0
- version/freebsd freebsd/6.0-release
- version/freebsd freebsd/6.0-stable
- version/freebsd freebsd/6.0_p5_release
- version/freebsd freebsd/6.1
- version/freebsd freebsd/6.1-release
- version/freebsd freebsd/6.1-release_p10
- version/freebsd freebsd/6.1-stable
- version/freebsd freebsd/6.2
- version/freebsd freebsd/6.2-stable
- version/freebsd freebsd/6.2_releng
- version/freebsd freebsd/6.3
- version/freebsd freebsd/6.3_releng
- version/freebsd freebsd/7.0-pre-release
- version/freebsd freebsd/7.0_beta4
- version/freebsd freebsd/7.0_releng
- vendor/netbsd
- canonical/netbsd netbsd
- version/netbsd netbsd/1.6.2
- version/netbsd netbsd/2.0
- version/netbsd netbsd/2.0.1
- version/netbsd netbsd/2.0.2
- version/netbsd netbsd/2.0.3
- version/netbsd netbsd/2.0.4
- version/netbsd netbsd/2.1
- version/netbsd netbsd/2.1.1
- version/netbsd netbsd/3.0.1
- version/netbsd netbsd/3.0.2
- version/netbsd netbsd/3.1
- version/netbsd netbsd/3.1-rc1
- version/netbsd netbsd/3.1-rc3
- version/netbsd netbsd/4.0
- version/netbsd netbsd/4.0-beta
- version/netbsd netbsd/4.0-beta2
- vendor/openbsd
- canonical/openbsd openbsd
- version/openbsd openbsd/2.6
- version/openbsd openbsd/2.7
- version/openbsd openbsd/2.8
- version/openbsd openbsd/2.9
- version/openbsd openbsd/3.0
- version/openbsd openbsd/3.1
- version/openbsd openbsd/3.2
- version/openbsd openbsd/3.3
- version/openbsd openbsd/3.4
- version/openbsd openbsd/3.5
- version/openbsd openbsd/3.6
- version/openbsd openbsd/3.7
- version/openbsd openbsd/3.8
- version/openbsd openbsd/3.9
- version/openbsd openbsd/4.0
- version/openbsd openbsd/4.1
- version/openbsd openbsd/4.2
- vendor/cosmicperl
- canonical/cosmicperl directory pro
- version/cosmicperl directory pro/10.0.3
- vendor/darwin
- canonical/darwin darwin
- version/darwin darwin/1.0
- version/darwin darwin/9.1
- vendor/navision
- canonical/navision financials server
- version/navision financials server/3.0