CVE-2017-3143: An error in TSIG authentication can permit unauthorized dynamic updates
by CIRT Team
Description: An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update.
Impact: A server that relies solely on TSIG keys with no other address-based ACL protection could be vulnerable to malicious zone content manipulation using this technique.
Mitigation: Security update is available in official site.
Reference URL’s:
- https://kb.isc.org/article/AA-01504/74/CVE-2017-3142
- https://access.redhat.com/security/cve/CVE-2017-3142
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
