SUSE-SU-2017:1737-1 -- SLES bindID: oval:org.secpod.oval:def:89044715 | Date: (C)2021-07-07 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for bind fixes the following issues: - An attacker with the ability to send and receive messages to an authoritative DNS server was able to circumvent TSIG authentication of AXFR requests. A server that relied solely on TSIG keys for protection could be manipulated into providing an AXFR of a zone to an unauthorized recipient and accepting bogus Notify packets. [bsc#1046554, CVE-2017-3142] - An attacker who with the ability to send and receive messages to an authoritative DNS server and who had knowledge of a valid TSIG key name for the zone and service being targeted was able to manipulate BIND into accepting an unauthorized dynamic update. [bsc#1046555, CVE-2017-3143]
Platform: |
SUSE Linux Enterprise Server 11 SP4 |