Medium severity5.3NVD Advisory· Published Jan 16, 2019· Updated Jun 17, 2026
CVE-2017-3142
CVE-2017-3142
Description
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
199.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2+ 1 more
- (no CPE)range: 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2
- (no CPE)range: 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2
- osv-coords17 versionspkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%206
< 9.16.20-1.4+ 16 more
- (no CPE)range: < 9.16.20-1.4
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-28.37.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.9P1-28.37.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-62.1
Patches
Vulnerability mechanics
References
8- www.securityfocus.com/bid/99339nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038809nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:1679nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:1680nvdThird Party Advisory
- h20566.www2.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- kb.isc.org/docs/aa-01504nvdVendor Advisory
- www.debian.org/security/2017/dsa-3904nvdThird Party Advisory
- security.netapp.com/advisory/ntap-20190830-0003/nvd
News mentions
0No linked articles in our index yet.