4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.003 Low
EPSS
Percentile
70.6%
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS)
to update records in a zone, BIND 9 provides a feature called
update-policy. Various rules can be configured to limit the types of
updates that can be performed by a client, depending on the key used when
sending the update request. Unfortunately, some rule types were not
initially documented, and when documentation for them was added to the
Administrator Reference Manual (ARM) in change #3112, the language that was
added to the ARM at that time incorrectly described the behavior of two
rule types, krb5-subdomain and ms-subdomain. This incorrect documentation
could mislead operators into believing that policies they had configured
were more restrictive than they actually were. This affects BIND versions
prior to BIND 9.11.5 and BIND 9.12.3.
Author | Note |
---|---|
mdeslaur | per the ISC advisory: “At the present time, ISC is not providing any code changing the behavior of the update-policy feature.” deferring for now to see if the policy will change documentation changes went into 9.11.5 we will not be changing the documentation in our stable releases |
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.003 Low
EPSS
Percentile
70.6%