Vulnerabilities

CVE-2017-11104

by Fred · 08/07/2017

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.

Date published : 2017-07-08

http://www.securityfocus.com/bid/99598

http://www.debian.org/security/2017/dsa-3910

Similar

Tags: Cybersecurity Alert