CVE-2008-1447

Name: CVE-2008-1447
Creator: NVD / NIST
Published: 2008-07-08T23:41:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.8/10EPSS 95.18%

Last modified Jun 16, 2026

CVE-2008-1447 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". EPSS estimates a 95.18% chance of exploitation in the next 30 days.

Description

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

Metrics

CVSS 3.1

6.8/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

EPSS Probability

95.18%

99.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-331

Affected Software

Vendor	Product	Versions
Isc	Bind	4
Isc	Bind	8
Isc	Bind	9.2.9

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.ascThird Party Advisory, Vendor Advisory
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.htmlTechnical Description
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368Broken Link
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.htmlMailing List, Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.htmlMailing List, Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.htmlMailing List, Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.htmlMailing List, Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.htmlBroken Link
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlThird Party Advisory
http://marc.info/?l=bugtraq&m=121630706004256&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=121866517322103&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=123324863916385&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=141879471518471&w=2Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2008-0533.htmlThird Party Advisory
http://secunia.com/advisories/30925Third Party Advisory
http://secunia.com/advisories/30973Third Party Advisory
http://secunia.com/advisories/30977Third Party Advisory
http://secunia.com/advisories/30979Third Party Advisory
http://secunia.com/advisories/30980Third Party Advisory
http://secunia.com/advisories/30988Third Party Advisory, Vendor Advisory
http://secunia.com/advisories/30989Vendor Advisory
http://secunia.com/advisories/30998Third Party Advisory
http://secunia.com/advisories/31011Third Party Advisory
http://secunia.com/advisories/31012Third Party Advisory
http://secunia.com/advisories/31014Third Party Advisory
http://secunia.com/advisories/31019Third Party Advisory
http://secunia.com/advisories/31022Third Party Advisory
http://secunia.com/advisories/31030Third Party Advisory
http://secunia.com/advisories/31031Third Party Advisory
http://secunia.com/advisories/31033Vendor Advisory
http://secunia.com/advisories/31052Vendor Advisory
http://secunia.com/advisories/31065Third Party Advisory
http://secunia.com/advisories/31072Third Party Advisory
http://secunia.com/advisories/31093Third Party Advisory
http://secunia.com/advisories/31094Vendor Advisory
http://secunia.com/advisories/31137Vendor Advisory
http://secunia.com/advisories/31143Third Party Advisory
http://secunia.com/advisories/31151Third Party Advisory
http://secunia.com/advisories/31152Third Party Advisory
http://secunia.com/advisories/31153Third Party Advisory
http://secunia.com/advisories/31169Third Party Advisory
http://secunia.com/advisories/31197Vendor Advisory
http://secunia.com/advisories/31199Third Party Advisory
http://secunia.com/advisories/31204Third Party Advisory
http://secunia.com/advisories/31207Vendor Advisory
http://secunia.com/advisories/31209Third Party Advisory
http://secunia.com/advisories/31212Third Party Advisory
http://secunia.com/advisories/31213Third Party Advisory
http://secunia.com/advisories/31221Third Party Advisory
http://secunia.com/advisories/31236Third Party Advisory
http://secunia.com/advisories/31237Vendor Advisory
http://secunia.com/advisories/31254Vendor Advisory
http://secunia.com/advisories/31326Third Party Advisory
http://secunia.com/advisories/31354Third Party Advisory
http://secunia.com/advisories/31422Third Party Advisory
http://secunia.com/advisories/31430Third Party Advisory
http://secunia.com/advisories/31451Third Party Advisory
http://secunia.com/advisories/31482Third Party Advisory
http://secunia.com/advisories/31495Third Party Advisory
http://secunia.com/advisories/31588Third Party Advisory
http://secunia.com/advisories/31687Third Party Advisory
http://secunia.com/advisories/31823Third Party Advisory
http://secunia.com/advisories/31882Third Party Advisory
http://secunia.com/advisories/31900Third Party Advisory
http://secunia.com/advisories/33178Third Party Advisory
http://secunia.com/advisories/33714Third Party Advisory
http://secunia.com/advisories/33786Third Party Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.ascThird Party Advisory
http://security.gentoo.org/glsa/glsa-200807-08.xmlThird Party Advisory
http://security.gentoo.org/glsa/glsa-200812-17.xmlThird Party Advisory
http://security.gentoo.org/glsa/glsa-201209-25.xmlThird Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1Third Party Advisory
http://support.apple.com/kb/HT3026Third Party Advisory
http://support.apple.com/kb/HT3129Third Party Advisory
http://support.citrix.com/article/CTX117991Third Party Advisory
http://support.citrix.com/article/CTX118183Third Party Advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152Third Party Advisory
http://up2date.astaro.com/2008/08/up2date_7202_released.htmlThird Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018Third Party Advisory
http://www.bluecoat.com/support/security-advisories/dns_cache_poisoningThird Party Advisory
http://www.caughq.org/exploits/CAU-EX-2008-0002.txtThird Party Advisory
http://www.caughq.org/exploits/CAU-EX-2008-0003.txtThird Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtmlThird Party Advisory
http://www.debian.org/security/2008/dsa-1603Patch
http://www.debian.org/security/2008/dsa-1604Third Party Advisory
http://www.debian.org/security/2008/dsa-1605Third Party Advisory
http://www.debian.org/security/2008/dsa-1619Third Party Advisory
http://www.debian.org/security/2008/dsa-1623Third Party Advisory
http://www.doxpara.com/?p=1176Third Party Advisory
http://www.doxpara.com/DMK_BO2K8.pptThird Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26667Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672Third Party Advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40Third Party Advisory
http://www.isc.org/index.pl?/sw/bind/bind-security.phpThird Party Advisory
http://www.kb.cert.org/vuls/id/800113Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-7DWR4JThird Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-7ECL8QThird Party Advisory, US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:139Third Party Advisory
http://www.nominum.com/asset_upload_file741_2661.pdfThird Party Advisory
http://www.novell.com/support/viewContent.do?externalId=7000912Third Party Advisory
http://www.openbsd.org/errata42.html#013_bindThird Party Advisory
http://www.openbsd.org/errata43.html#004_bindThird Party Advisory
http://www.phys.uu.nl/~rombouts/pdnsd.htmlThird Party Advisory
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLogThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0789.htmlThird Party Advisory
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.htmlThird Party Advisory
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/Third Party Advisory
http://www.securityfocus.com/archive/1/495289/100/0/threadedThird Party Advisory, VDB Entry
http://www.securityfocus.com/archive/1/495869/100/0/threadedThird Party Advisory, VDB Entry
http://www.securityfocus.com/bid/30131Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020437Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020438Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020440Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020448Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020449Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020548Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020558Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020560Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020561Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020575Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020576Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020577Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020578Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020579Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020651Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020653Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020702Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020802Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020804Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-622-1Third Party Advisory
http://www.ubuntu.com/usn/usn-627-1Third Party Advisory
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.htmlThird Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-190A.htmlThird Party Advisory, US Government Resource
http://www.us-cert.gov/cas/techalerts/TA08-190B.htmlThird Party Advisory, US Government Resource
http://www.us-cert.gov/cas/techalerts/TA08-260A.htmlThird Party Advisory, US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0014.htmlThird Party Advisory
http://www.vupen.com/english/advisories/2008/2019/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2023/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2025/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2029/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2030/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2050/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2051/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2052/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2055/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2092/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2113/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2114/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2123/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2139/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2166/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2195/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2196/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2197/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2268Third Party Advisory
http://www.vupen.com/english/advisories/2008/2291Third Party Advisory
http://www.vupen.com/english/advisories/2008/2334Third Party Advisory
http://www.vupen.com/english/advisories/2008/2342Third Party Advisory
http://www.vupen.com/english/advisories/2008/2377Third Party Advisory
http://www.vupen.com/english/advisories/2008/2383Third Party Advisory
http://www.vupen.com/english/advisories/2008/2384Third Party Advisory
http://www.vupen.com/english/advisories/2008/2466Third Party Advisory
http://www.vupen.com/english/advisories/2008/2467Third Party Advisory
http://www.vupen.com/english/advisories/2008/2482Third Party Advisory
http://www.vupen.com/english/advisories/2008/2525Third Party Advisory
http://www.vupen.com/english/advisories/2008/2549Third Party Advisory
http://www.vupen.com/english/advisories/2008/2558Third Party Advisory
http://www.vupen.com/english/advisories/2008/2582Third Party Advisory
http://www.vupen.com/english/advisories/2008/2584Third Party Advisory
http://www.vupen.com/english/advisories/2009/0297Third Party Advisory
http://www.vupen.com/english/advisories/2009/0311Third Party Advisory
http://www.vupen.com/english/advisories/2010/0622Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43334Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43637Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627Tool Signature
https://www.exploit-db.com/exploits/6122Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/6123Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/6130Third Party Advisory, VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.htmlThird Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.htmlThird Party Advisory
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.ascThird Party Advisory, Vendor Advisory
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.htmlTechnical Description
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368Broken Link
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.htmlMailing List, Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.htmlMailing List, Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.htmlMailing List, Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.htmlMailing List, Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.htmlBroken Link
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.htmlThird Party Advisory
http://marc.info/?l=bugtraq&m=121630706004256&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=121866517322103&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=123324863916385&w=2Third Party Advisory
http://marc.info/?l=bugtraq&m=141879471518471&w=2Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2008-0533.htmlThird Party Advisory
http://secunia.com/advisories/30925Third Party Advisory
http://secunia.com/advisories/30973Third Party Advisory
http://secunia.com/advisories/30977Third Party Advisory
http://secunia.com/advisories/30979Third Party Advisory
http://secunia.com/advisories/30980Third Party Advisory
http://secunia.com/advisories/30988Third Party Advisory, Vendor Advisory
http://secunia.com/advisories/30989Vendor Advisory
http://secunia.com/advisories/30998Third Party Advisory
http://secunia.com/advisories/31011Third Party Advisory
http://secunia.com/advisories/31012Third Party Advisory
http://secunia.com/advisories/31014Third Party Advisory
http://secunia.com/advisories/31019Third Party Advisory
http://secunia.com/advisories/31022Third Party Advisory
http://secunia.com/advisories/31030Third Party Advisory
http://secunia.com/advisories/31031Third Party Advisory
http://secunia.com/advisories/31033Vendor Advisory
http://secunia.com/advisories/31052Vendor Advisory
http://secunia.com/advisories/31065Third Party Advisory
http://secunia.com/advisories/31072Third Party Advisory
http://secunia.com/advisories/31093Third Party Advisory
http://secunia.com/advisories/31094Vendor Advisory
http://secunia.com/advisories/31137Vendor Advisory
http://secunia.com/advisories/31143Third Party Advisory
http://secunia.com/advisories/31151Third Party Advisory
http://secunia.com/advisories/31152Third Party Advisory
http://secunia.com/advisories/31153Third Party Advisory
http://secunia.com/advisories/31169Third Party Advisory
http://secunia.com/advisories/31197Vendor Advisory
http://secunia.com/advisories/31199Third Party Advisory
http://secunia.com/advisories/31204Third Party Advisory
http://secunia.com/advisories/31207Vendor Advisory
http://secunia.com/advisories/31209Third Party Advisory
http://secunia.com/advisories/31212Third Party Advisory
http://secunia.com/advisories/31213Third Party Advisory
http://secunia.com/advisories/31221Third Party Advisory
http://secunia.com/advisories/31236Third Party Advisory
http://secunia.com/advisories/31237Vendor Advisory
http://secunia.com/advisories/31254Vendor Advisory
http://secunia.com/advisories/31326Third Party Advisory
http://secunia.com/advisories/31354Third Party Advisory
http://secunia.com/advisories/31422Third Party Advisory
http://secunia.com/advisories/31430Third Party Advisory
http://secunia.com/advisories/31451Third Party Advisory
http://secunia.com/advisories/31482Third Party Advisory
http://secunia.com/advisories/31495Third Party Advisory
http://secunia.com/advisories/31588Third Party Advisory
http://secunia.com/advisories/31687Third Party Advisory
http://secunia.com/advisories/31823Third Party Advisory
http://secunia.com/advisories/31882Third Party Advisory
http://secunia.com/advisories/31900Third Party Advisory
http://secunia.com/advisories/33178Third Party Advisory
http://secunia.com/advisories/33714Third Party Advisory
http://secunia.com/advisories/33786Third Party Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.ascThird Party Advisory
http://security.gentoo.org/glsa/glsa-200807-08.xmlThird Party Advisory
http://security.gentoo.org/glsa/glsa-200812-17.xmlThird Party Advisory
http://security.gentoo.org/glsa/glsa-201209-25.xmlThird Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1Third Party Advisory
http://support.apple.com/kb/HT3026Third Party Advisory
http://support.apple.com/kb/HT3129Third Party Advisory
http://support.citrix.com/article/CTX117991Third Party Advisory
http://support.citrix.com/article/CTX118183Third Party Advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152Third Party Advisory
http://up2date.astaro.com/2008/08/up2date_7202_released.htmlThird Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018Third Party Advisory
http://www.bluecoat.com/support/security-advisories/dns_cache_poisoningThird Party Advisory
http://www.caughq.org/exploits/CAU-EX-2008-0002.txtThird Party Advisory
http://www.caughq.org/exploits/CAU-EX-2008-0003.txtThird Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtmlThird Party Advisory
http://www.debian.org/security/2008/dsa-1603Patch
http://www.debian.org/security/2008/dsa-1604Third Party Advisory
http://www.debian.org/security/2008/dsa-1605Third Party Advisory
http://www.debian.org/security/2008/dsa-1619Third Party Advisory
http://www.debian.org/security/2008/dsa-1623Third Party Advisory
http://www.doxpara.com/?p=1176Third Party Advisory
http://www.doxpara.com/DMK_BO2K8.pptThird Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26667Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672Third Party Advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40Third Party Advisory
http://www.isc.org/index.pl?/sw/bind/bind-security.phpThird Party Advisory
http://www.kb.cert.org/vuls/id/800113Third Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-7DWR4JThird Party Advisory, US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-7ECL8QThird Party Advisory, US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:139Third Party Advisory
http://www.nominum.com/asset_upload_file741_2661.pdfThird Party Advisory
http://www.novell.com/support/viewContent.do?externalId=7000912Third Party Advisory
http://www.openbsd.org/errata42.html#013_bindThird Party Advisory
http://www.openbsd.org/errata43.html#004_bindThird Party Advisory
http://www.phys.uu.nl/~rombouts/pdnsd.htmlThird Party Advisory
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLogThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0789.htmlThird Party Advisory
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.htmlThird Party Advisory
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/Third Party Advisory
http://www.securityfocus.com/archive/1/495289/100/0/threadedThird Party Advisory, VDB Entry
http://www.securityfocus.com/archive/1/495869/100/0/threadedThird Party Advisory, VDB Entry
http://www.securityfocus.com/bid/30131Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020437Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020438Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020440Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020448Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020449Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020548Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020558Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020560Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020561Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020575Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020576Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020577Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020578Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020579Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020651Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020653Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020702Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020802Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020804Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/usn-622-1Third Party Advisory
http://www.ubuntu.com/usn/usn-627-1Third Party Advisory
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.htmlThird Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-190A.htmlThird Party Advisory, US Government Resource
http://www.us-cert.gov/cas/techalerts/TA08-190B.htmlThird Party Advisory, US Government Resource
http://www.us-cert.gov/cas/techalerts/TA08-260A.htmlThird Party Advisory, US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0014.htmlThird Party Advisory
http://www.vupen.com/english/advisories/2008/2019/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2023/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2025/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2029/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2030/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2050/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2051/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2052/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2055/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2092/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2113/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2114/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2123/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2139/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2166/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2195/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2196/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2197/referencesThird Party Advisory
http://www.vupen.com/english/advisories/2008/2268Third Party Advisory
http://www.vupen.com/english/advisories/2008/2291Third Party Advisory
http://www.vupen.com/english/advisories/2008/2334Third Party Advisory
http://www.vupen.com/english/advisories/2008/2342Third Party Advisory
http://www.vupen.com/english/advisories/2008/2377Third Party Advisory
http://www.vupen.com/english/advisories/2008/2383Third Party Advisory
http://www.vupen.com/english/advisories/2008/2384Third Party Advisory
http://www.vupen.com/english/advisories/2008/2466Third Party Advisory
http://www.vupen.com/english/advisories/2008/2467Third Party Advisory
http://www.vupen.com/english/advisories/2008/2482Third Party Advisory
http://www.vupen.com/english/advisories/2008/2525Third Party Advisory
http://www.vupen.com/english/advisories/2008/2549Third Party Advisory
http://www.vupen.com/english/advisories/2008/2558Third Party Advisory
http://www.vupen.com/english/advisories/2008/2582Third Party Advisory
http://www.vupen.com/english/advisories/2008/2584Third Party Advisory
http://www.vupen.com/english/advisories/2009/0297Third Party Advisory
http://www.vupen.com/english/advisories/2009/0311Third Party Advisory
http://www.vupen.com/english/advisories/2010/0622Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43334Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43637Third Party Advisory, VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627Tool Signature
https://www.exploit-db.com/exploits/6122Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/6123Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/6130Third Party Advisory, VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.htmlThird Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.htmlThird Party Advisory

Timeline

Published: Jul 8, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-1447?

How severe is CVE-2008-1447?

CVE-2008-1447 has a CVSS score of 6.8/10 (MEDIUM severity). The EPSS model estimates a 95.18% probability of exploitation in the next 30 days.

How do I fix CVE-2008-1447?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-1447?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST