mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
2.5 KiB
2.5 KiB
CVE-2017-3143
%20implicitly%20defines%20a%20key%20with%20a%20known%20key%20name%20(local-ddns)%20and%20default%20algorithm%20and%20no%20IP-based%20access%20controls%20on%20the%20zone%20updates.%20%20In%20conjunction%20with%20this%20failure%20in%20TSIG%20verification%2C%20%22update-policy%20local%22%20is%20potentially%20very%20dangerous.&color=brighgreen)
Description
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
POC
Reference
No PoCs from references.
Github
- https://github.com/ALTinners/bind9
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AndrewLipscomb/bind9
- https://github.com/DButter/whitehat_public
- https://github.com/Dokukin1/Metasploitable
- https://github.com/Iknowmyname/Nmap-Scans-M2
- https://github.com/Mehedi-Babu/Vulnerability_research
- https://github.com/NikulinMS/13-01-hw
- https://github.com/Zhivarev/13-01-hw
- https://github.com/balabit-deps/balabit-os-7-bind9
- https://github.com/balabit-deps/balabit-os-8-bind9-libs
- https://github.com/balabit-deps/balabit-os-9-bind9-libs
- https://github.com/dkiser/vulners-yum-scanner
- https://github.com/ducducuc111/Awesome-Vulnerability-Research
- https://github.com/gladiopeace/awesome-stars
- https://github.com/pexip/os-bind9
- https://github.com/pexip/os-bind9-libs
- https://github.com/psmedley/bind-os2
- https://github.com/saaph/CVE-2017-3143
- https://github.com/securitychampions/Awesome-Vulnerability-Research
- https://github.com/sergey-pronin/Awesome-Vulnerability-Research
- https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems
- https://github.com/zzzWTF/db-13-01