CVE-2017-3142 IBM AIX BIND Security Bypass Vulnerability (bind_advisory16)

漏洞类别:AIX

漏洞等级:

漏洞信息

ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when an attacker can send and receive messages to an authoritative DNS server and has knowledge of a valid TSIG key name.

Affected Versions:
AIX 6.1, 7.1
APAR versions:
IV98826m9a, IV98827m3a

Note:The detection requires root privileges to run “emgr -c” to check for patches. In absence of such privileges, the detection may not output actual results.

漏洞危害

By sending a specially crafted request packet, an attacker could exploit this vulnerability to bypass TSIG authentication on AXFR requests and transfer the target zone.

解决方案

The vendor has released fixes to resolve this vulnerability. Refer to AIX bind_advisory16 to obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

bind_advisory16

Leave a Reply