CVE-2007-2930
ISC BIND <8.4.7-P1 - Info Disclosure
Title source: llmDescription
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Amit Klein · perlremotelinux
https://www.exploit-db.com/exploits/30536
exploitdb
WORKING POC
VERIFIED
by Amit Klein · perlremotelinux
https://www.exploit-db.com/exploits/30535
References (28)
... and 8 more
Scores
EPSS
0.1765
EPSS Percentile
95.1%
Details
Status
published
Products (1)
isc/bind
< 8.4.7
Published
Sep 12, 2007
Tracked Since
Feb 18, 2026