ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293
https://issues.rpath.com/browse/RPL-1587
https://exchange.xforce.ibmcloud.com/vulnerabilities/35575
http://www.vupen.com/english/advisories/2007/3868
http://www.vupen.com/english/advisories/2007/3242
http://www.vupen.com/english/advisories/2007/2932
http://www.vupen.com/english/advisories/2007/2914
http://www.vupen.com/english/advisories/2007/2782
http://www.vupen.com/english/advisories/2007/2662
http://www.vupen.com/english/advisories/2007/2627
http://www.us-cert.gov/cas/techalerts/TA07-319A.html
http://www.ubuntu.com/usn/usn-491-1
http://www.trustix.org/errata/2007/0023/
http://www.trusteer.com/docs/bind9dns_s.html
http://www.trusteer.com/docs/bind9dns.html
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385
http://www.securitytracker.com/id?1018442
http://www.securityfocus.com/bid/26444
http://www.securityfocus.com/bid/25037
http://www.securityfocus.com/archive/1/474856/100/0/threaded
http://www.securityfocus.com/archive/1/474808/100/0/threaded
http://www.securityfocus.com/archive/1/474545/100/0/threaded
http://www.securityfocus.com/archive/1/474516/100/0/threaded
http://www.securiteam.com/securitynews/5VP0L0UM0A.html
http://www.redhat.com/support/errata/RHSA-2007-0740.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html
http://www.novell.com/linux/security/advisories/2007_47_bind.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149
http://www.kb.cert.org/vuls/id/252735
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml
http://www.debian.org/security/2007/dsa-1341
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903
http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc
http://secunia.com/advisories/27643
http://secunia.com/advisories/26925
http://secunia.com/advisories/26847
http://secunia.com/advisories/26607
http://secunia.com/advisories/26605
http://secunia.com/advisories/26531
http://secunia.com/advisories/26515
http://secunia.com/advisories/26509
http://secunia.com/advisories/26330
http://secunia.com/advisories/26308
http://secunia.com/advisories/26261
http://secunia.com/advisories/26236
http://secunia.com/advisories/26231
http://secunia.com/advisories/26227
http://secunia.com/advisories/26217
http://secunia.com/advisories/26195
http://secunia.com/advisories/26180
http://secunia.com/advisories/26160
http://secunia.com/advisories/26152
http://secunia.com/advisories/26148
http://marc.info/?l=bugtraq&m=141879471518471&w=2
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426