ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when an attacker can send and receive messages to an authoritative DNS server and has knowledge of a valid TSIG key name.
AIX 6.1, 7.1
Note:The detection requires root privileges to run “emgr -c” to check for patches. In absence of such privileges, the detection may not output actual results.
By sending a specially crafted request packet, an attacker could exploit this vulnerability to bypass TSIG authentication on AXFR requests and transfer the target zone.