What is CVE-2008-1447?

CVE-2008-1447 is a vulnerability in N/a. Published 2008-07-08.

Is CVE-2008-1447 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-1447

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS…

EPSS: 0.877 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

1020438 (vdb-entry, x_refsource_SECTRACK)
FEDORA-2008-6256 (x_refsource_FEDORA, vendor-advisory)
SUSE-SR:2008:017 (vendor-advisory, x_refsource_SUSE)
VU#800113 (x_refsource_CERT-VN, third-party-advisory)
31137 (x_refsource_SECUNIA, third-party-advisory)
31430 (x_refsource_SECUNIA, third-party-advisory)
www.kb.cert.org/vuls/id/MIMG-7DWR4J (x_refsource_CONFIRM)
31169 (x_refsource_SECUNIA, third-party-advisory)
www.phys.uu.nl/~rombouts/pdnsd.html (x_refsource_CONFIRM)
1020702 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2008-1447?: CVE-2008-1447 is a vulnerability in N/a. Published 2008-07-08.
Is CVE-2008-1447 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.