SB2017082309 - Security restrictions bypass in IBM AIX 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017082309

SB2017082309 - Security restrictions bypass in IBM AIX

Published: August 23, 2017 Updated: August 29, 2017

Security Bulletin ID SB2017082309
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Security restrictions bypass (CVE-ID: CVE-2016-3142)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when an attacker can send and receive messages to an authoritative DNS server and has knowledge of a valid TSIG key name. A remote attacker can send a specially crafted request packet, bypass TSIG authentication on AXFR requests and transfer the target zone.

2) Security restrictions bypass (CVE-ID: CVE-2016-3143)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error when an attacker can send and receive messages to an authoritative DNS server and has knowledge of a valid TSIG key name. A remote attacker can send a specially crafted request packet, bypass TSIG authentication on AXFR requests and manipulate BIND into accepting an unauthorized dynamic update.

3) Security restrictions bypass (CVE-ID: CVE-2017-3142)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error in TSIG authentication of AXFR and NOTIFY requests. A remote attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name can send specially crafted request packet, bypass authentication and perform unauthorized zone transfers.

4) Security restrictions bypass (CVE-ID: CVE-2017-3143)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to an error in TSIG authentication of AXFR requests. A remote attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name can send specially crafted request packet, manipulate the malicious zone content and accept unauthorized dynamic updates.

Remediation

Install update from vendor's website.

References