CVE-2026-42002

Concurrency and locking defects in GSS-TSIG...

EUVD-2017-2741

Malware in sbrugna...

Gssapi-Abuse - A Tool For Enumerating Potential Hosts That Are Open To GSSAPI Abuse Within Active Directory Networks

gssapi-abuse was released as part of my DEF CON 31 talk. A full write up on the abuse vector can be found here: A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks The tool has two features. The first is the ability to enumerate non Windows hosts that are joined to Active Directory that offer...

Security update for knot (moderate)

openSUSE Security Update: Security update for knot Announcement ID: openSUSE-SU-2020:1232-1 Rating: moderate References: 1047841 Cross-References: CVE-2017-11104 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update for...

OPENSUSE-SU-2020:1232-1 Security update for knot

This update for knot fixes the following issues: - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication boo1047841. This update was imported from the openSUSE:Leap:15.2:Update updat...

OPENSUSE-SU-2020:1112-1 Security update for knot

This update for knot fixes the following issues: - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication boo1047841. This update was imported from the openSUSE:Leap:15.1:Update updat...

Security update for knot (moderate)

openSUSE Security Update: Security update for knot Announcement ID: openSUSE-SU-2020:1112-1 Rating: moderate References: 1047841 Cross-References: CVE-2017-11104 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

openSUSE Security Update : knot (openSUSE-2020-1085)

This update for knot fixes the following issues : - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication boo1047841. C Tenable Network Security, Inc. The descriptive text and packag...

openSUSE Security Update : knot (openSUSE-2020-1086)

This update for knot fixes the following issues : - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication boo1047841. C Tenable Network Security, Inc. The descriptive text and packag...

openSUSE: Security Advisory for knot (openSUSE-SU-2020:1085-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:1086-1 Security update for knot

This update for knot fixes the following issues: - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication boo1047841...

OPENSUSE-SU-2020:1085-1 Security update for knot

This update for knot fixes the following issues: - CVE-2017-11104: Fixed an improper implementation of TSIG protocol which could have allowed an attacker with a valid key name and algorithm to bypass TSIG authentication boo1047841...

Security update for knot (moderate)

openSUSE Security Update: Security update for knot Announcement ID: openSUSE-SU-2020:1086-1 Rating: moderate References: 1047841 Cross-References: CVE-2017-11104 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for knot fixes...

Security update for knot (moderate)

openSUSE Security Update: Security update for knot Announcement ID: openSUSE-SU-2020:1085-1 Rating: moderate References: 1047841 Cross-References: CVE-2017-11104 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for knot fixes...

openSUSE: Security Advisory for knot (openSUSE-SU-2018:1395-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : knot (openSUSE-2018-494)

This update for knot fixes the following issues : - CVE-2017-11104: Knot DNS contained a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TS...

Security update for knot (moderate)

This update for knot fixes the following issues: - CVE-2017-11104: Knot DNS contained a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSI...

ISC BIND TSIG Authentication Bypass (CVE-2017-3143)

There exists an authentication bypass vulnerability in the TSIG protocol in BIND. This vulnerability is due to the way TSIG handles incorrect digest lengths. A successful attack can lead to an authentication bypass...

CVE-2017-11104

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check...

CVE-2017-11104

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check...