CVE-2007-2930

Name of the Vulnerable Software and Affected Versions ISC BIND 8 versions prior to 8.4.7-P1

Description The issue affects the NSID SHUFFLE ONLY and NSID USE POOL PRNG algorithms, which generate predictable DNS query identifiers when sending outgoing queries, such as NOTIFY messages, when answering questions as a resolver. This allows remote attackers to poison DNS caches via unknown vectors.

Recommendations For versions prior to 8.4.7-P1, update to version 8.4.7-P1 or later to resolve the issue.