High severity7.8NVD Advisory· Published Jul 21, 2001· Updated Jun 16, 2026
CVE-2001-0497
CVE-2001-0497
Description
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
Affected products
2Patches
Vulnerability mechanics
References
3- xforce.iss.net/alerts/advise78.phpnvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/6694nvdThird Party AdvisoryVDB Entry
- www.osvdb.org/5609nvdBroken Link
News mentions
0No linked articles in our index yet.