dnskeygen in BIND 8.2.4 and previous versions, and dnssec-keygen in BIND 9.1.2 and previous versions, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows malicious users to obtain the keys and perform dynamic DNS updates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind |