Lucene search

K

MitreCVELIST:CVE-2017-11104

HistoryJul 08, 2017 - 10:00 a.m.

CVE-2017-11104

2017-07-0810:00:00

mitre

www.cve.org

1

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.

References

lists.opensuse.org/opensuse-security-announce/2020-07/msg00076.html

lists.opensuse.org/opensuse-security-announce/2020-07/msg00078.html

lists.opensuse.org/opensuse-security-announce/2020-07/msg00089.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00049.html

www.debian.org/security/2017/dsa-3910

www.securityfocus.com/bid/99598

www.synacktiv.ninja/ressources/Knot_DNS_TSIG_Signature_Forgery.pdf

bugs.debian.org/865678

lists.nic.cz/pipermail/knot-dns-users/2017-June/001144.html

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

Related for CVELIST:CVE-2017-11104

nessus6 openvas7 suse5 fedora1 prion1 osv1 ubuntucve1 nvd2 cve2 debiancve1 alpinelinux1 debian1