Knot DNS prior to 2.4.5 and 2.5.x prior to 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
knot-dns knot dns 2.5.0 |
||
knot-dns knot dns |
||
knot-dns knot dns 2.5.1 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |