DEBIAN-CVE-2007-2926
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 24 Jul 2007, 17:30
Last modified:28 Apr 2026, 20:09
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
24 Jul 2007, 17:30
Published
Vulnerability first disclosed
28 Apr 2026, 20:09
Last Modified
Vulnerability information updated
Description
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
Affected Systems
- debian•bind9
< 1:9.4.1-P1-1 | < 1:9.4.1-P1-1 | < 1:9.4.1-P1-1 | < 1:9.4.1-P1-1