Unrated severityNVD Advisory· Published Jan 16, 2019· Updated Sep 16, 2024
An error in TSIG authentication can permit unauthorized zone transfers
CVE-2017-3142
Description
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
Affected products
18- osv-coords17 versionspkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%206
< 9.16.20-1.4+ 16 more
- (no CPE)range: < 9.16.20-1.4
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-28.37.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.9P1-28.37.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.6P1-0.50.1
- (no CPE)range: < 9.9.9P1-62.1
- (no CPE)range: < 9.9.9P1-62.1
- ISC/BIND 9v5Range: 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- access.redhat.com/errata/RHSA-2017:1679mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2017:1680mitrevendor-advisoryx_refsource_REDHAT
- www.debian.org/security/2017/dsa-3904mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/99339mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1038809mitrevdb-entryx_refsource_SECTRACK
- h20566.www2.hpe.com/hpsc/doc/public/displaymitrex_refsource_CONFIRM
- kb.isc.org/docs/aa-01504mitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20190830-0003/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.