VYPR
Medium severity5.9NVD Advisory· Published Jul 8, 2017· Updated Jun 17, 2026

CVE-2017-11104

CVE-2017-11104

Description

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.

Affected products

11

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.