Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-07-08T10:00:00
Updated: 2024-08-05T17:57:57.864Z
Reserved: 2017-07-08T00:00:00
Link: CVE-2017-11104
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-07-08T10:29:00.170
Modified: 2023-01-20T15:23:12.843
Link: CVE-2017-11104
Redhat
No data.