SecurityTracker.com
SecurityTracker Archives

Category:   Application (Generic)  >   BIND
Vendors:   ISC (Internet Software Consortium)
(CentOS Issues Fix) BIND TSIG Authentication Bugs Let Remote Users Bypass Authentication to Transfer or Modify Zone Content
SecurityTracker Alert ID:  1038831
SecurityTracker URL:  http://securitytracker.com/id/1038831
CVE Reference:   CVE-2017-3142, CVE-2017-3143
Date:  Jul 6 2017
Impact:   Disclosure of user information, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 9.4.0 - 9.8.8, 9.9.0 - 9.9.10-P1, 9.10.0 - 9.10.5-P1, 9.11.0 - 9.11.1-P1, 9.9.3-S1 - 9.9.10-S2, 9.10.5-S1 - 9.10.5-S2
Description:   Two vulnerabilities were reported in BIND. A remote user can bypass TSIG authentication to transfer a zone or modify zone contents.

A remote user who can send messages to and receive responses from an authoritative DNS server, and who knows the name of a valid TSIG key, can send a specially crafted request packet to bypass TSIG authentication on AXFR requests and transfer the target zone [CVE-2017-3142].

A remote user who can send messages to and receive responses from an authoritative DNS server, and who knows the name of a valid TSIG key, can send specially crafted data to bypass TSIG authentication and cause the target server to accept an arbitrary dynamic update to the zone content [CVE-2017-3143].

Systems that rely solely on TSIG keys for access control are affected.

Clement Berthaux from Synacktiv reported these vulnerabilities.

Impact:   A remote user can bypass authentication to transfer a zone or modify zone contents.
Solution:   CentOS has issued a fix.

i386:
d595642893f54cd5559f15f988b323186cadaf4c3286d9a6028530d1f9adad7f bind-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bcac1e24947572b19e95fb4f0b5920d08801a1f219c72e993cee4103a14f5cf8 bind-chroot-9.8.2-0.62.rc1.el6_9.4.i686.rpm
b00aa4ea65b2b09b542644830f764bb561277cce996a290a0ec9486f737003d9 bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm
c67ab483c68bff0289accedaa7d35b63c3fc83bda16d418c1d4f2114ae3bbf97 bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
4f4241b1f7da42a1a5d961d7062201008fc53b9a89beebbd979762a292a81c8f bind-sdb-9.8.2-0.62.rc1.el6_9.4.i686.rpm
c6af12e9b17018d11e000ac29338e4f6da07136ac6ac9f236e3c26ff5d40c0bd bind-utils-9.8.2-0.62.rc1.el6_9.4.i686.rpm

x86_64:
183ba53693e45cf2620973d0f2577757e8d0eead9ba10136ae4ea76a8baf1b83 bind-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bdf2a9efdfb3f3d7d9ee71cf470b049743999ccd5514a8df83e2149dd07b5521 bind-chroot-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
b00aa4ea65b2b09b542644830f764bb561277cce996a290a0ec9486f737003d9 bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm
8dcd89221eb8f92ee29b110cfeabca9feac95e5ed49525cb98da5a9df0623dfa bind-devel-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
c67ab483c68bff0289accedaa7d35b63c3fc83bda16d418c1d4f2114ae3bbf97 bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
f51d412917d8d61e7a0ef0581863488b2c74e3eace8ae87929d6dafed68d9fa7 bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
9630e8f1eaa72f86cb7fe4fdf34215f11813e99a7a41534c5be46b1668e7c8b9 bind-sdb-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
5378f87bc4b3513dc03b43875b881d1878e7c59b3a757b30b3025d979d541a75 bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm

Source:
9d2c0d5f204025015452d8d0aabb37cc9419df220550a6a4eb9fb68fc6220909 bind-9.8.2-0.62.rc1.el6_9.4.src.rpm

Cause:   Authentication error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6

Message History:   This archive entry is a follow-up to the message listed below.
Jun 29 2017 BIND TSIG Authentication Bugs Let Remote Users Bypass Authentication to Transfer or Modify Zone Content



Source Message Contents

Subject:  [CentOS-announce] CESA-2017:1679 Important CentOS 6 bind Security Update


CentOS Errata and Security Advisory 2017:1679 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:1679

The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )

i386:
d595642893f54cd5559f15f988b323186cadaf4c3286d9a6028530d1f9adad7f  bind-9.8.2-0.62.rc1.el6_9.4.i686.rpm
bcac1e24947572b19e95fb4f0b5920d08801a1f219c72e993cee4103a14f5cf8  bind-chroot-9.8.2-0.62.rc1.el6_9.4.i686.rpm
b00aa4ea65b2b09b542644830f764bb561277cce996a290a0ec9486f737003d9  bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm
c67ab483c68bff0289accedaa7d35b63c3fc83bda16d418c1d4f2114ae3bbf97  bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
4f4241b1f7da42a1a5d961d7062201008fc53b9a89beebbd979762a292a81c8f  bind-sdb-9.8.2-0.62.rc1.el6_9.4.i686.rpm
c6af12e9b17018d11e000ac29338e4f6da07136ac6ac9f236e3c26ff5d40c0bd  bind-utils-9.8.2-0.62.rc1.el6_9.4.i686.rpm

x86_64:
183ba53693e45cf2620973d0f2577757e8d0eead9ba10136ae4ea76a8baf1b83  bind-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
bdf2a9efdfb3f3d7d9ee71cf470b049743999ccd5514a8df83e2149dd07b5521  bind-chroot-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
b00aa4ea65b2b09b542644830f764bb561277cce996a290a0ec9486f737003d9  bind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm
8dcd89221eb8f92ee29b110cfeabca9feac95e5ed49525cb98da5a9df0623dfa  bind-devel-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
c67ab483c68bff0289accedaa7d35b63c3fc83bda16d418c1d4f2114ae3bbf97  bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm
f51d412917d8d61e7a0ef0581863488b2c74e3eace8ae87929d6dafed68d9fa7  bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
9630e8f1eaa72f86cb7fe4fdf34215f11813e99a7a41534c5be46b1668e7c8b9  bind-sdb-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm
5378f87bc4b3513dc03b43875b881d1878e7c59b3a757b30b3025d979d541a75  bind-utils-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm

Source:
9d2c0d5f204025015452d8d0aabb37cc9419df220550a6a4eb9fb68fc6220909  bind-9.8.2-0.62.rc1.el6_9.4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
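The announcement above publishes its package list in "sha256sum Filename" form so that administrators can confirm that what they pulled from a mirror is what CentOS built. The script below is an added example, not CentOS or SecurityTracker tooling: it verifies every file named in such a manifest against a directory of downloads and fails if any file is missing or does not match. The two ".rpm" files it creates for its self-check are constructed plain-text stand-ins (not real packages), and the manifest it builds from them mimics the advisory's layout; for a real update you would paste the i386, x86_64 and Source blocks from the announcement into the manifest instead.

```shell
#!/bin/sh
# Added example (not CentOS or SecurityTracker tooling): verify downloaded RPMs
# against a manifest in the advisory's "sha256sum Filename" layout.
# Assumptions: the RPMs sit in one directory, and the manifest is a text file
# with one "<sha256>  <filename>" pair per line; section headers such as
# "i386:" or "Source:" and blank lines are tolerated so the advisory text can
# be pasted as-is.

# Print the SHA-256 of a file, using whichever tool the host provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_manifest DIR MANIFEST
# Returns 0 only if every file named in MANIFEST exists in DIR and matches its
# published hash; prints one status line per file.
verify_manifest() {
    dir="$1"
    manifest="$2"
    fail=0
    while read -r expected name; do
        case "$expected" in ''|'#'*) continue ;; esac   # blank line or comment
        [ -z "$name" ] && continue                      # section header, e.g. "x86_64:"
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name"
            fail=1
            continue
        fi
        actual=$(sha256_of "$dir/$name")
        if [ "$actual" = "$expected" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name (expected $expected, got $actual)"
            fail=1
        fi
    done < "$manifest"
    return "$fail"
}

# make_fixture DIR: create two constructed stand-in "RPMs" (plain text, not
# real packages) plus a manifest generated from them in the advisory's layout.
make_fixture() {
    dir="$1"
    printf 'constructed stand-in for package A\n' > "$dir/bind-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm"
    printf 'constructed stand-in for package B\n' > "$dir/bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm"
    {
        echo "x86_64:"
        for f in "$dir"/*.rpm; do
            printf '%s  %s\n' "$(sha256_of "$f")" "$(basename "$f")"
        done
    } > "$dir/manifest.txt"
}

# tamper DIR: append one byte to a package, the way a corrupted or substituted
# download would show up to the check.
tamper() {
    printf 'x' >> "$1/bind-libs-9.8.2-0.62.rc1.el6_9.4.x86_64.rpm"
}

# demo_run: exercise the check on the constructed fixture. Returns 0 only if
# the clean set is accepted and the tampered set is rejected.
demo_run() {
    tmp=$(mktemp -d)
    make_fixture "$tmp"
    echo "--- clean download"
    verify_manifest "$tmp" "$tmp/manifest.txt" || return 1
    tamper "$tmp"
    echo "--- after tampering"
    if verify_manifest "$tmp" "$tmp/manifest.txt"; then
        return 1
    fi
    rm -rf "$tmp"
    echo "check behaves as expected"
}

# Run the demonstration when invoked as:  sh verify_rpms.sh demo
[ "${1:-}" = "demo" ] && demo_run
```

To use it on a real download, save the advisory's hash lines to manifest.txt, put the RPMs in one directory, source the file and run `verify_manifest ./rpms manifest.txt`; a non-zero exit means at least one file should not be installed. A matching hash shows that the file is the one the announcement describes, not that the announcement itself is authentic, so take the hash list from the project's own mailing-list archive or errata page rather than from the same mirror that served the packages.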
 
 


Copyright 2019, SecurityGlobal.net LLC