CVE-2017-3142

CVSS v3.0: 3.7 (Low)
CVSS v2.0: 4.3 (Medium)
EPSS: 1.44% (87th percentile)
Affected Products: 8
Advisories: 20

An attacker who can send messages to and receive responses from an authoritative DNS server, and who knows the name of a valid TSIG key (the key's secret is not needed), may be able to circumvent TSIG authentication of AXFR requests with a carefully constructed request packet. A server that relies solely on TSIG keys for protection, with no address-based ACL alongside them, could be manipulated into providing an AXFR of a zone to an unauthorized recipient or into accepting bogus NOTIFY packets.

Affected versions: BIND 9.4.0 to 9.8.8, 9.9.0 to 9.9.10-P1, 9.10.0 to 9.10.5-P1, 9.11.0 to 9.11.1-P1, 9.9.3-S1 to 9.9.10-S2, 9.10.5-S1 to 9.10.5-S2.
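The two configurations the description contrasts, as an added example that is not part of the advisory or of ISC's own documentation. The zone names, addresses and the base64 secret are constructed placeholders. The first zone authorises transfers on the TSIG signature alone, which is the setup the bypass reaches; the second requires the request to arrive from a listed address and to be signed with the key, so a forged TSIG arriving from an unexpected address is refused even on an unpatched server. Upgrading past the affected ranges (9.9.10-P2, 9.10.5-P2 and 9.11.1-P2 for the open-source branches) remains the actual fix; the address restriction is defence in depth that also limits the blast radius of a leaked secret.

```conf
// Added example, not from the ISC advisory: named.conf fragment with a
// TSIG-only zone beside one that also pins the peer address.
// Zone names, addresses and the secret are constructed placeholders.

key "xfer-key" {
    algorithm hmac-sha256;
    // Placeholder value; generate a real secret with tsig-keygen
    // (or dnssec-keygen -a HMAC-SHA256 -b 256 -n HOST on older BIND).
    secret "c2VjcmV0LXBsYWNlaG9sZGVyLW5vdC1mb3ItcHJvZHVjdGlvbg==";
};

// Hosts that legitimately pull this server's zones (assumed addresses).
acl "secondaries" { 192.0.2.10; 192.0.2.11; };

// WEAK: authorisation rests on the TSIG signature alone. On an affected
// release an attacker who knows only the key *name* can obtain the zone
// from any source address.
zone "weak.example" {
    type master;
    file "weak.example.db";
    allow-transfer { key "xfer-key"; };
};

// HARDENED: the request must come from "secondaries" AND carry a valid
// xfer-key signature. Address-match-list elements are OR'ed with first
// match winning, so the AND is built from a negated nested list: a source
// outside "secondaries" matches the nested element and is denied before
// the key element is reached; a source inside it falls through to the
// key check, which then decides.
zone "strong.example" {
    type master;
    file "strong.example.db";
    allow-transfer { !{ !secondaries; any; }; key "xfer-key"; };
};

// The same idiom closes the NOTIFY side of the advisory on a secondary.
// allow-notify extends the implicit permission of the listed masters, so a
// key-only list would accept a forged NOTIFY from anywhere; here NOTIFYs
// from the extra notifier 192.0.2.2 (assumed) are accepted only when they
// both come from that address and are signed.
zone "mirror.example" {
    type slave;
    file "mirror.example.db";
    masters { 192.0.2.1; };
    allow-notify { !{ !192.0.2.2; any; }; key "xfer-key"; };
};
```

Check the result from both sides with dig, for example `dig @<server> strong.example AXFR -y hmac-sha256:xfer-key:<secret>`: from 192.0.2.10 the transfer should complete, from any other address dig should report "Transfer failed." with a REFUSED response, and an unsigned request should be refused from everywhere. The nested-list idiom works because named treats a negated match inside a nested list as "no match", so `!{ !secondaries; any; }` matches (and, being negated, denies) exactly the addresses outside the ACL and lets addresses inside it continue to the key element.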

Weaknesses: CWE-20 (Improper Input Validation)
CVE Status: PUBLISHED
CNA: Internet Systems Consortium (ISC)
Published Date: 2019-01-16 20:29:00
Updated Date: 2019-08-30 17:15:10

Affected Products


Configuration #1

    Product              CPE 2.3                        From (incl.)   Up to (incl.)
    ISC BIND             cpe:2.3:a:isc:bind             9.4.0          9.8.8
    ISC BIND             cpe:2.3:a:isc:bind             9.9.0          9.9.10
    ISC BIND             cpe:2.3:a:isc:bind             9.10.0         9.10.5
    ISC BIND             cpe:2.3:a:isc:bind             9.11.0         9.11.1
    ISC BIND 9.9.0-P1    cpe:2.3:a:isc:bind:9.9.0:p1
    ISC BIND 9.9.3-S1    cpe:2.3:a:isc:bind:9.9.3:s1
    ISC BIND 9.9.10-S2   cpe:2.3:a:isc:bind:9.9.10:s2
    ISC BIND 9.10.5-P1   cpe:2.3:a:isc:bind:9.10.5:p1
    ISC BIND 9.10.5-S1   cpe:2.3:a:isc:bind:9.10.5:s1
    ISC BIND 9.10.5-S2   cpe:2.3:a:isc:bind:9.10.5:s2
    ISC BIND 9.11.1-P1   cpe:2.3:a:isc:bind:9.11.1:p1

Configuration #2

    Product                                    CPE 2.3
    Red Hat Enterprise Linux Desktop 6.0       cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
    Red Hat Enterprise Linux Desktop 7.0       cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
    Red Hat Enterprise Linux Server 6.0        cpe:2.3:o:redhat:enterprise_linux_server:6.0
    Red Hat Enterprise Linux Server 7.0        cpe:2.3:o:redhat:enterprise_linux_server:7.0
    Red Hat Enterprise Linux Server AUS 7.3    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
    Red Hat Enterprise Linux Server AUS 7.4    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
    Red Hat Enterprise Linux Server AUS 7.6    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
    Red Hat Enterprise Linux Server EUS 7.3    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
    Red Hat Enterprise Linux Server EUS 7.4    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
    Red Hat Enterprise Linux Server EUS 7.5    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
    Red Hat Enterprise Linux Server EUS 7.6    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
    Red Hat Enterprise Linux Server TUS 7.3    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
    Red Hat Enterprise Linux Server TUS 7.6    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
    Red Hat Enterprise Linux Workstation 6.0   cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
    Red Hat Enterprise Linux Workstation 7.0   cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #3

    Product              CPE 2.3
    Debian Linux 8.0     cpe:2.3:o:debian:debian_linux:8.0
    Debian Linux 9.0     cpe:2.3:o:debian:debian_linux:9.0