DNS: ISC BIND TSIG Authentication Unauthorized Dynamic Update

This signature detects attempts to exploit a known vulnerability against ISC BIND. A successful attack can lead to modification of zone information.

Extended Description

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

Affected Products

Isc bind

References

CVE: CVE-2017-3143

Short Name
DNS:ISC-BIND-TSIG-AUTH-DYN-UPD
Severity
Major
Recommended
True
Recommended Action
Drop
Category
DNS
Keywords
Authentication BIND CVE-2017-3143 Dynamic ISC TSIG Unauthorized Update
Release Date
07/18/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Isc

Debian

Redhat

CVSS Score

4.3

Found a potential security threat?