Main
Vulnerability Database
Exploits
ID:2168 - Exploit for Authentication bypass in Knot DNS - CVE-2017-11104
ID:2168 - Exploit for Authentication bypass in Knot DNS - CVE-2017-11104
Published: March 18, 2020
Vulnerability identifier: #VU7550
Vulnerability risk: Low
CVE-ID: CVE-2017-11104
CWE-ID: CWE-287
Exploitation vector: Remote access
Vulnerable software:
Knot DNS
Knot DNS
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to a flaw in the TSIG protocol implementation. A remote attacker can use a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set.
The weakness exists due to a flaw in the TSIG protocol implementation. A remote attacker can use a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set.
Remediation
The vulnerability is addressed in the following versions: 2.4.5 and 2.5.2.