CVE-2017-3142

MEDIUM

Description

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

References

http://www.securityfocus.com/bid/99339

http://www.securitytracker.com/id/1038809

https://access.redhat.com/errata/RHSA-2017:1679

https://access.redhat.com/errata/RHSA-2017:1680

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us

https://kb.isc.org/docs/aa-01504

https://security.netapp.com/advisory/ntap-20190830-0003/

https://www.debian.org/security/2017/dsa-3904

Details

Source: MITRE

Published: 2019-01-16

Updated: 2019-08-30

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 2.2

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.4.0 to 9.8.8 (inclusive)

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.9.0 to 9.9.10 (inclusive)

cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.10:s2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.10.0 to 9.10.5 (inclusive)

cpe:2.3:a:isc:bind:9.10.5:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.10.5:s2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.11.0 to 9.11.1 (inclusive)

cpe:2.3:a:isc:bind:9.11.1:p1:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Tenable Plugins

View all (37 total)

IDNameProductFamilySeverity
137170OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)NessusOracleVM Local Security Checks
critical
127330NewStart CGSL MAIN 4.05 : bind Multiple Vulnerabilities (NS-SA-2019-0102)NessusNewStart CGSL Local Security Checks
medium
124936EulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433)NessusHuawei Local Security Checks
medium
121068Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)NessusJunos Local Security Checks
high
119217Virtuozzo 6 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1679)NessusVirtuozzo Local Security Checks
medium
112170OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0252)NessusOracleVM Local Security Checks
medium
105442F5 Networks BIG-IP : BIND vulnerability (K59448931)NessusF5 Networks Local Security Checks
medium
104579Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1680)NessusVirtuozzo Local Security Checks
medium
103319Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : bind9 regression (USN-3346-2)NessusUbuntu Local Security Checks
medium
102822AIX bind Advisory : bind_advisory16.asc (IV98826) (IV98827)NessusAIX Local Security Checks
high
102388Fedora 24 : 12:dhcp / bind99 (2017-59127a606c)NessusFedora Local Security Checks
medium
102228EulerOS 2.0 SP2 : bind (EulerOS-SA-2017-1141)NessusHuawei Local Security Checks
medium
102227EulerOS 2.0 SP1 : bind (EulerOS-SA-2017-1140)NessusHuawei Local Security Checks
medium
101933Amazon Linux AMI : bind (ALAS-2017-858)NessusAmazon Linux Local Security Checks
medium
101677Fedora 26 : 12:dhcp / bind99 (2017-87f1f8c798)NessusFedora Local Security Checks
medium
101603Fedora 26 : 32:bind (2017-30f678e62a)NessusFedora Local Security Checks
medium
101536Debian DLA-1025-1 : bind9 security updateNessusDebian Local Security Checks
medium
101494Fedora 24 : 32:bind / bind-dyndb-ldap / dnsperf (2017-001f135337)NessusFedora Local Security Checks
medium
101326Fedora 25 : 12:dhcp / bind99 (2017-167cfa7b09)NessusFedora Local Security Checks
medium
101322Debian DSA-3904-1 : bind9 - security updateNessusDebian Local Security Checks
medium
101280openSUSE Security Update : bind (openSUSE-2017-783)NessusSuSE Local Security Checks
medium
101257Scientific Linux Security Update : bind on SL7.x x86_64 (20170705)NessusScientific Linux Local Security Checks
medium
101256Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20170705)NessusScientific Linux Local Security Checks
medium
101254RHEL 7 : bind (RHSA-2017:1680)NessusRed Hat Local Security Checks
medium
101253RHEL 6 : bind (RHSA-2017:1679)NessusRed Hat Local Security Checks
medium
101252OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0122)NessusOracleVM Local Security Checks
medium
101250Oracle Linux 7 : bind (ELSA-2017-1680)NessusOracle Linux Local Security Checks
medium
101249Oracle Linux 6 : bind (ELSA-2017-1679)NessusOracle Linux Local Security Checks
medium
101246Fedora 25 : 32:bind / bind-dyndb-ldap / dnsperf (2017-d04f7ddd73)NessusFedora Local Security Checks
medium
101236CentOS 7 : bind (CESA-2017:1680)NessusCentOS Local Security Checks
medium
101235CentOS 6 : bind (CESA-2017:1679)NessusCentOS Local Security Checks
medium
101232ISC BIND 9 < 9.9.10-P2 / 9.9.10-S3 / 9.10.5-P2 / 9.10.5-S3 / 9.11.1-P2 Multiple VulnerabilitiesNessusDNS
medium
101157Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : bind9 vulnerabilities (USN-3346-1)NessusUbuntu Local Security Checks
medium
101147SUSE SLES12 Security Update : bind (SUSE-SU-2017:1738-1)NessusSuSE Local Security Checks
medium
101146SUSE SLES11 Security Update : bind (SUSE-SU-2017:1737-1)NessusSuSE Local Security Checks
medium
101145SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:1736-1)NessusSuSE Local Security Checks
medium
101116Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2017-180-02)NessusSlackware Local Security Checks
medium