CVE-2007-2926
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-2926
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ISC BIND可预测DNS查询ID漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。 BIND 9事件ID的生成算法实现上存在漏洞,远程攻击者可能利用此漏洞影响DNS的缓存。 BIND 9的事件ID是非随机的,攻击者只需观察ID的最后几个值就可以预测下一个ID值。如果要执行这种攻击,攻击者要创建拥有特制权威DNS服务器的域,然后通过各种方法强制缓存DNS服务器向其DNS服务器发送几个DNS请求,这样就可以收集一些事件ID的值。 其中的一种攻击技术是要求最后的事
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-2926
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-2926
请登录查看更多情报信息。
- ftp://aix.software.ibm.com/aix/efixes/security/READMEx_refsource_CONFIRM
- http://support.avaya.com/elmodocs2/security/ASA-2007-389.htmx_refsource_CONFIRM
- http://www.trusteer.com/docs/bind9dns_s.htmlx_refsource_MISC
- https://issues.rpath.com/browse/RPL-1587x_refsource_CONFIRM
- http://www.isc.org/index.pl?/sw/bind/bind-security.phpx_refsource_CONFIRM
- http://www.trusteer.com/docs/bind9dns.htmlx_refsource_MISC
- http://docs.info.apple.com/article.html?artnum=307041x_refsource_CONFIRM
- http://www.securiteam.com/securitynews/5VP0L0UM0A.htmlx_refsource_MISC
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903x_refsource_CONFIRM
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1vendor-advisoryx_refsource_SUNALERT
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426vendor-advisoryx_refsource_HP
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368vendor-advisoryx_refsource_HP
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600vendor-advisoryx_refsource_HP
- ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.ascvendor-advisoryx_refsource_SGI
- http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385vendor-advisoryx_refsource_SLACKWARE
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.htmlvendor-advisoryx_refsource_OPENPKG
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226vdb-entrysignaturex_refsource_OVAL
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2007-2926
Same Patch Batch · n/a · 2007-07-24 · 17 CVEs total
| CVE-2007-3955 | LinkedIn IE工具栏IEContextMenu控件远程溢出漏洞 | |
| CVE-2007-3956 | TeamSpeak WebServer 远程拒绝服务漏洞 | |
| CVE-2007-3957 | Nipun Jain xserver 缓冲区溢出漏洞 | |
| CVE-2007-3958 | Microsoft Windows Explorer 远程拒绝服务漏洞 | |
| CVE-2007-3959 | Ipswitch Instant Messaging 畸形消息远程拒绝服务漏洞 | |
| CVE-2007-3960 | IBM WebSphere未知远程安全漏洞 | |
| CVE-2007-2925 | ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content 安全绕过漏洞 | |
| CVE-2007-3951 | Norman Antivirus 多个缓冲区溢出漏洞 | |
| CVE-2007-3952 | Norman Antivirus 远程软件检测漏洞 | |
| CVE-2007-3953 | Norman Antivirus 远程拒绝服务漏洞 | |
| CVE-2007-3954 | Microsoft Internet Explorer 跨站脚本漏洞 | |
| CVE-2007-3946 | Lighttpd 'http_auth.c'远程拒绝服务攻击漏洞 | |
| CVE-2007-3947 | Lighttpd 'request.c'远程拒绝服务攻击漏洞 | |
| CVE-2007-3948 | Lighttpd 'connections.c'远程拒绝服务攻击漏洞 | |
| CVE-2007-3949 | Lighttpd 'mod_access.c'信息泄露漏洞 | |
| CVE-2007-3950 | Lighttpd 多个模块 拒绝服务攻击漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2007-2926
No comments yet