Authentication Bypass

2019-01-1509:18:18

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.007 Low

EPSS

Percentile

80.7%

JSON

bind is vulnerable to authentication bypass attacks. The vulnerability exists as an attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets.

CPENameOperatorVersion
bindeq9.7.0__5.P2.el6_0.1
bindeq9.8.2__0.17.rc1.el6.3
bindeq9.8.2__0.30.rc1.el6
bindeq9.7.3__2.el6_1.P1.1
bindeq9.8.2__0.10.rc1.el6_3.2
bindeq9.7.3__2.el6_1.P3.3
bindeq9.8.2__0.17.rc1.el6_4.4
bindeq9.8.2__0.37.rc1.el6_7.2
bindeq9.8.2__0.10.rc1.el6_3.1
bindeq9.8.2__0.17.rc1.el6_4.6

Name	Operator	Version
bind	eq	9.7.0__5.P2.el6_0.1
bind	eq	9.8.2__0.17.rc1.el6.3
bind	eq	9.8.2__0.30.rc1.el6
bind	eq	9.7.3__2.el6_1.P1.1
bind	eq	9.8.2__0.10.rc1.el6_3.2
bind	eq	9.7.3__2.el6_1.P3.3
bind	eq	9.8.2__0.17.rc1.el6_4.4
bind	eq	9.8.2__0.37.rc1.el6_7.2
bind	eq	9.8.2__0.10.rc1.el6_3.1
bind	eq	9.8.2__0.17.rc1.el6_4.6