[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2017:1680 -- centos 7 bind

ID: oval:org.secpod.oval:def:204537Date: (C)2017-07-17   (M)2022-10-10
Class: PATCHFamily: unix




The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG signature for a dynamic update request. * A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able to communicate with an authoritative BIND server, could use this flaw to view the entire contents of a zone by sending a specially constructed request packet. Red Hat would like to thank Internet Systems Consortium for reporting these issues. Upstream acknowledges Clement Berthaux as the original reporter of these issues. Bug Fix: * ICANN is planning to perform a Root Zone DNSSEC Key Signing Key rollover during October 2017. Maintaining an up-to-date KSK, by adding the new root zone KSK, is essential for ensuring that validating DNS resolvers continue to function following the rollover

Platform:
CentOS 7
Product:
bind
Reference:
CESA-2017:1680
CVE-2017-3142
CVE-2017-3143
CVE    2
CVE-2017-3143
CVE-2017-3142
CPE    2
cpe:/a:isc:bind
cpe:/o:centos:centos:7

© SecPod Technologies