SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Generic)  >   BIND Vendors:   ISC (Internet Software Consortium)
(CentOS Issues Fix) BIND TSIG Authentication Bugs Let Remote Users Bypass Authentication to Transfer or Modify Zone Content
SecurityTracker Alert ID:  1038833
SecurityTracker URL:  http://securitytracker.com/id/1038833
CVE Reference:   CVE-2017-3142, CVE-2017-3143   (Links to External Site)
Date:  Jul 6 2017
Impact:   Disclosure of user information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9.4.0 - 9.8.8, 9.9.0 - 9.9.10-P1, 9.10.0 - 9.10.5-P1, 9.11.0 - 9.11.1-P1, 9.9.3-S1 - 9.9.10-S2, 9.10.5-S1 - 9.10.5-S2
Description:   Two vulnerabilities were reported in BIND. A remote user can bypass TSIG authentication to transfer a zone or modify zone contents.

A remote user that can send and receive messages to an authoritative DNS server and with knowledge of a valid TSIG key name can send a specially crafted request packet to bypass TSIG authentication on AXFR requests and transfer the target zone [CVE-2017-3142].

A remote user that can send and receive messages to an authoritative DNS server and with knowledge of a valid TSIG key name can send specially crafted data to bypass TSIG authentication and cause the target server to accept an arbitrary dynamic update to the zone content [CVE-2017-3143].

Systems that rely solely on TSIG keys for access control are affected.
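As an added illustration, not part of this advisory or of CentOS's message: the affected case is a zone where a TSIG key is the only access control, shown beside a named.conf fragment that additionally requires a permitted source address, using BIND's nested negated-ACL idiom to AND the two conditions so that a TSIG bypass on its own is not sufficient. The zone name, key names and networks are constructed placeholders.

```conf
// Weak: the TSIG key is the only access control for transfers and updates
// (the configuration the advisory describes as affected).
zone "example.test" {
    type master;
    file "example.test.db";
    allow-transfer { key xfer-key; };
    allow-update   { key update-key; };
};

// Hardened: require BOTH a permitted source address AND the TSIG key.
// BIND evaluates address match lists first-match-wins, so the negated
// nested list must come first: it denies every client outside the block
// before the key element is consulted, and only clients inside the block
// fall through to the key check. 192.0.2.0/24 and 198.51.100.0/24 are
// constructed placeholder networks. (Only one of these two zone statements
// would appear in a real configuration; both are shown for comparison.)
zone "example.test" {
    type master;
    file "example.test.db";
    allow-transfer { !{ !192.0.2.0/24; any; }; key xfer-key; };
    allow-update   { !{ !198.51.100.0/24; any; }; key update-key; };
};
```

This is defense in depth alongside applying the fixed packages, not a substitute for them.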

Clement Berthaux from Synacktiv reported these vulnerabilities.

Impact:   A remote user can bypass authentication to transfer a zone or modify zone contents.
Solution:   CentOS has issued a fix (the bind-9.9.4-50.el7_3.1 packages for CentOS 7). The package list with SHA-256 checksums is reproduced in the source message below.

Cause:   Authentication error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Jun 29 2017 BIND TSIG Authentication Bugs Let Remote Users Bypass Authentication to Transfer or Modify Zone Content



 Source Message Contents

Subject:  [CentOS-announce] CESA-2017:1680 Important CentOS 7 bind Security Update


CentOS Errata and Security Advisory 2017:1680 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:1680

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
04624102c89308189e94e9985bfbaa3d7ce9527110f87ed8fbe279d7cd5df980  bind-9.9.4-50.el7_3.1.x86_64.rpm
d81e971786708a2e9ffa00513daa1937066ffcd71c6a9772c7dd5a228a2fccf4  bind-chroot-9.9.4-50.el7_3.1.x86_64.rpm
2dae70eaf0a8c0122a7fe5ca24b4d78990eaefefe3812e6baeb1ca676a36efe0  bind-devel-9.9.4-50.el7_3.1.i686.rpm
c5afd5510657aaddca295341ed6e22b1ffd1ffc8b21a125e09f0116803bef9f4  bind-devel-9.9.4-50.el7_3.1.x86_64.rpm
553c02b42dc0437b03020d4a7ea31a66efcd284cd401aee041c7af2dfafc7732  bind-libs-9.9.4-50.el7_3.1.i686.rpm
84e98cec40394610eb3e3822e69f6a19fa3d4011fab3c3f758d8892a97dc8a33  bind-libs-9.9.4-50.el7_3.1.x86_64.rpm
b3d2096bef88ed68716633dc677574796e2bd40a0736b96960710d7ed8e03657  bind-libs-lite-9.9.4-50.el7_3.1.i686.rpm
7c8c977ccc6e083766c6fb48084e0313ce814fc21987be0bc978ee39db0c6bd0  bind-libs-lite-9.9.4-50.el7_3.1.x86_64.rpm
7ce3ad33053dcf18e4de4d0f251f67e0d3cade43f6d48252b022c29c598c9861  bind-license-9.9.4-50.el7_3.1.noarch.rpm
269f0bb8b52b4054cee2513698a29ca2527cfdd4af90d78318f0cb476a7bfd47  bind-lite-devel-9.9.4-50.el7_3.1.i686.rpm
6bdee455278e621888d68ae512fe5affd41fed2adab2fc298c768f6046f0ab96  bind-lite-devel-9.9.4-50.el7_3.1.x86_64.rpm
51f0920bb3157064762b7729b9b5c61c88dcad3ff817412aac34bc56ec23a8e4  bind-pkcs11-9.9.4-50.el7_3.1.x86_64.rpm
e711ab5fa4e0fd7442e1e8395d4a646e7ea97123cf7cdfacb87867b0d7a332f2  bind-pkcs11-devel-9.9.4-50.el7_3.1.i686.rpm
f499c8b2626394536190573beac0b41196ec718a674af25b752975283bea531f  bind-pkcs11-devel-9.9.4-50.el7_3.1.x86_64.rpm
989faf939b31113e53d81515f090023e8a8cc301a2f5f2b241f957466908d6e6  bind-pkcs11-libs-9.9.4-50.el7_3.1.i686.rpm
443b50dbf129e8f2ca810b6fa2856e669ec7f36a4d8f1ca05b3cb6a6dc50d3aa  bind-pkcs11-libs-9.9.4-50.el7_3.1.x86_64.rpm
9d9239f4fa51dc13686518b2fa5e8e820832b69b2694012ac9df744bcbc9754e  bind-pkcs11-utils-9.9.4-50.el7_3.1.x86_64.rpm
d5edebc853e991a22028ce0a2db0a9497ae237a53c15d481af1c4add4bb151e9  bind-sdb-9.9.4-50.el7_3.1.x86_64.rpm
f14ce30a56fe8368856d30034ebe07cb9565a399a4e0c0df4a22111f624dc71f  bind-sdb-chroot-9.9.4-50.el7_3.1.x86_64.rpm
259d62391993ec512dabbfe1783b86bb17e45168ede86f63e8b2aead96c26a37  bind-utils-9.9.4-50.el7_3.1.x86_64.rpm

Source:
06373b4d3f9f85abd29abb501cb816f6b133cc7ce3c373e67f53a033a66f5a07  bind-9.9.4-50.el7_3.1.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Copyright 2019, SecurityGlobal.net LLC