CWE
NVD-CWE-Other
Advisory Published
Updated

CVE-2008-1148

First published: Tue Mar 04 2008(Updated: )

A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Apple Mac OS X=10.0
Apple Mac OS X=10.0.1
Apple Mac OS X=10.0.2
Apple Mac OS X=10.0.3
Apple Mac OS X=10.0.4
Apple Mac OS X=10.1
Apple Mac OS X=10.1.1
Apple Mac OS X=10.1.2
Apple Mac OS X=10.1.3
Apple Mac OS X=10.1.4
Apple Mac OS X=10.1.5
Apple Mac OS X=10.2
Apple Mac OS X=10.2.1
Apple Mac OS X=10.2.2
Apple Mac OS X=10.2.3
Apple Mac OS X=10.2.4
Apple Mac OS X=10.2.5
Apple Mac OS X=10.2.6
Apple Mac OS X=10.2.7
Apple Mac OS X=10.2.8
Apple Mac OS X=10.3
Apple Mac OS X=10.3.1
Apple Mac OS X=10.3.2
Apple Mac OS X=10.3.3
Apple Mac OS X=10.3.4
Apple Mac OS X=10.3.5
Apple Mac OS X=10.3.6
Apple Mac OS X=10.3.7
Apple Mac OS X=10.3.8
Apple Mac OS X=10.3.9
Apple Mac OS X=10.4
Apple Mac OS X=10.4.1
Apple Mac OS X=10.4.2
Apple Mac OS X=10.4.3
Apple Mac OS X=10.4.4
Apple Mac OS X=10.4.5
Apple Mac OS X=10.4.6
Apple Mac OS X=10.4.7
Apple Mac OS X=10.4.8
Apple Mac OS X=10.4.9
Apple Mac OS X=10.4.10
Apple Mac OS X=10.4.11
Apple Mac OS X=10.5
Apple Mac OS X=10.5.1
Apple Mac OS X Server=10.0
Apple Mac OS X Server=10.1
Apple Mac OS X Server=10.1.1
Apple Mac OS X Server=10.1.2
Apple Mac OS X Server=10.1.3
Apple Mac OS X Server=10.1.4
Apple Mac OS X Server=10.1.5
Apple Mac OS X Server=10.2
Apple Mac OS X Server=10.2.1
Apple Mac OS X Server=10.2.2
Apple Mac OS X Server=10.2.3
Apple Mac OS X Server=10.2.4
Apple Mac OS X Server=10.2.5
Apple Mac OS X Server=10.2.6
Apple Mac OS X Server=10.2.7
Apple Mac OS X Server=10.2.8
Apple Mac OS X Server=10.3
Apple Mac OS X Server=10.3.1
Apple Mac OS X Server=10.3.2
Apple Mac OS X Server=10.3.3
Apple Mac OS X Server=10.3.4
Apple Mac OS X Server=10.3.5
Apple Mac OS X Server=10.3.6
Apple Mac OS X Server=10.3.7
Apple Mac OS X Server=10.3.8
Apple Mac OS X Server=10.3.9
Apple Mac OS X Server=10.4
Apple Mac OS X Server=10.4.1
Apple Mac OS X Server=10.4.2
Apple Mac OS X Server=10.4.3
Apple Mac OS X Server=10.4.4
Apple Mac OS X Server=10.4.5
Apple Mac OS X Server=10.4.6
Apple Mac OS X Server=10.4.7
Apple Mac OS X Server=10.4.8
Apple Mac OS X Server=10.4.9
Apple Mac OS X Server=10.4.10
Apple Mac OS X Server=10.4.11
Apple Mac OS X Server=10.5
Dragonflybsd Dragonflybsd=1.0
Dragonflybsd Dragonflybsd=1.1
Dragonflybsd Dragonflybsd=1.2
Dragonflybsd Dragonflybsd=1.10.1
FreeBSD FreeBSD=4.4
FreeBSD FreeBSD=4.4-release_p42
FreeBSD FreeBSD=4.4-releng
FreeBSD FreeBSD=4.4-stable
FreeBSD FreeBSD=4.5
FreeBSD FreeBSD=4.5-release
FreeBSD FreeBSD=4.5-release_p32
FreeBSD FreeBSD=4.5-releng
FreeBSD FreeBSD=4.5-stable
FreeBSD FreeBSD=4.6
FreeBSD FreeBSD=4.6-release
FreeBSD FreeBSD=4.6-release_p20
FreeBSD FreeBSD=4.6-releng
FreeBSD FreeBSD=4.6-stable
FreeBSD FreeBSD=4.6.2
FreeBSD FreeBSD=4.7
FreeBSD FreeBSD=4.7-release
FreeBSD FreeBSD=4.7-release_p17
FreeBSD FreeBSD=4.7-releng
FreeBSD FreeBSD=4.7-stable
FreeBSD FreeBSD=4.8
FreeBSD FreeBSD=4.8-release_p7
FreeBSD FreeBSD=4.8-releng
FreeBSD FreeBSD=4.8_prerelease
FreeBSD FreeBSD=4.9
FreeBSD FreeBSD=4.9-releng
FreeBSD FreeBSD=4.9_prerelease
FreeBSD FreeBSD=4.10
FreeBSD FreeBSD=4.10-release
FreeBSD FreeBSD=4.10-release_p8
FreeBSD FreeBSD=4.10-releng
FreeBSD FreeBSD=4.10_prerelease
FreeBSD FreeBSD=4.11-release_p3
FreeBSD FreeBSD=4.11-releng
FreeBSD FreeBSD=4.11-stable
FreeBSD FreeBSD=4.11_p20_release
FreeBSD FreeBSD=4.11_release
FreeBSD FreeBSD=5.0
FreeBSD FreeBSD=5.0-alpha
FreeBSD FreeBSD=5.0-release_p14
FreeBSD FreeBSD=5.0-releng
FreeBSD FreeBSD=5.1
FreeBSD FreeBSD=5.1-alpha
FreeBSD FreeBSD=5.1-release
FreeBSD FreeBSD=5.1-release_p5
FreeBSD FreeBSD=5.1-releng
FreeBSD FreeBSD=5.2
FreeBSD FreeBSD=5.2.1-release
FreeBSD FreeBSD=5.2.1-releng
FreeBSD FreeBSD=5.3
FreeBSD FreeBSD=5.3-release
FreeBSD FreeBSD=5.3-releng
FreeBSD FreeBSD=5.3-stable
FreeBSD FreeBSD=5.4-release
FreeBSD FreeBSD=5.4-releng
FreeBSD FreeBSD=5.4-stable
FreeBSD FreeBSD=5.5_release
FreeBSD FreeBSD=5.5_stable
FreeBSD FreeBSD=6.0
FreeBSD FreeBSD=6.0-release
FreeBSD FreeBSD=6.0-stable
FreeBSD FreeBSD=6.0_p5_release
FreeBSD FreeBSD=6.1
FreeBSD FreeBSD=6.1-release
FreeBSD FreeBSD=6.1-release_p10
FreeBSD FreeBSD=6.1-stable
FreeBSD FreeBSD=6.2
FreeBSD FreeBSD=6.2-stable
FreeBSD FreeBSD=6.2_releng
FreeBSD FreeBSD=6.3
FreeBSD FreeBSD=6.3_releng
FreeBSD FreeBSD=7.0-pre-release
FreeBSD FreeBSD=7.0_beta4
FreeBSD FreeBSD=7.0_releng
NetBSD NetBSD=1.6.2
NetBSD NetBSD=2.0
NetBSD NetBSD=2.0.1
NetBSD NetBSD=2.0.2
NetBSD NetBSD=2.0.3
NetBSD NetBSD=2.0.4
NetBSD NetBSD=2.1
NetBSD NetBSD=2.1.1
NetBSD NetBSD=3.0.1
NetBSD NetBSD=3.0.2
NetBSD NetBSD=3.1
NetBSD NetBSD=3.1-rc1
NetBSD NetBSD=3.1-rc3
NetBSD NetBSD=4.0
NetBSD NetBSD=4.0-beta
NetBSD NetBSD=4.0-beta2
Openbsd Openbsd=2.6
Openbsd Openbsd=2.7
Openbsd Openbsd=2.8
Openbsd Openbsd=2.9
Openbsd Openbsd=3.0
Openbsd Openbsd=3.1
Openbsd Openbsd=3.2
Openbsd Openbsd=3.3
Openbsd Openbsd=3.4
Openbsd Openbsd=3.5
Openbsd Openbsd=3.6
Openbsd Openbsd=3.7
Openbsd Openbsd=3.8
Openbsd Openbsd=3.9
Openbsd Openbsd=4.0
Openbsd Openbsd=4.1
Openbsd Openbsd=4.2
Cosmicperl Directory Pro=10.0.3
Darwin Darwin=1.0
Darwin Darwin=9.1
Navision Financials Server=3.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203