Описание
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
Ссылки
- Broken Link
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 8.2.4 (включая)Версия от 9.0 (включая) до 9.1.2 (включая)
Одно из
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00107
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 7.8
github
почти 4 года назад
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
EPSS
Процентиль: 29%
0.00107
Низкий
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-276