CVE-2017-3142

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-3142
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3142.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-3142
Downstream
Related
Published
2019-01-16T20:29:00.550Z
Modified
2026-03-13T22:23:51.352294Z
Severity
  • 3.7 (Low) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

References

Affected packages

Git / github.com/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://github.com/isc-projects/bind9
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6d06e7e7e585e30b419e4e20815cb8233c48f7b1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6d06e7e7e585e30b419e4e20815cb8233c48f7b1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d7e5f7903de06e504aac4a3822a41d69e159e370
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6d06e7e7e585e30b419e4e20815cb8233c48f7b1
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f8a0c0bed6ed629e314d22619510939c61d88b0e
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        }
    ]
}
Type
GIT
Repo
https://gitlab.isc.org/isc-projects/bind9
Events
Introduced
600305bf9b2e7ab79b95989190f84fdcf4140cc1
Last affected
8fc2e36186691698d247ab040b83793a9189de73
Introduced
3514c49b2fbcdf95b2735878e2487fce9a3ddad5
Last affected
1a7c6f9dc8b32b52a4462ec0a9b8fa40da628546
Introduced
63fbb3ea39094353765c04a6066b9e1d1013992a
Last affected
feb005b1b94f0493cd69d70a77a30a15b9a62993
Introduced
1477c19dd9a347ee19a42dac227f299a4680506f
Last affected
e3dc2e7b9941566190fd2691e1c71ce232f9a7c6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8a2d9ba36c16111ebb3be1a1c61fa0ebc2610c40
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1c59cea1c0e26e2da3f2afb90200bfe9f7748c03
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
733de85889f4f126106ec4389d32d92046a6e1be
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
341e64a2de908ceec50ed46d243bf3402342735c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
341e64a2de908ceec50ed46d243bf3402342735c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a39c587731ff8da751c26592838fbc04d8b62678
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e7f06a85359873b4822acac1b87a885310fd6ac2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
19d6c56085e97cf4ac559cdc27edd624127bcb32
Database specific 
{
    "versions": [
        {
            "introduced": "9.4.0"
        },
        {
            "last_affected": "9.8.8"
        },
        {
            "introduced": "9.9.0"
        },
        {
            "last_affected": "9.9.10"
        },
        {
            "introduced": "9.10.0"
        },
        {
            "last_affected": "9.10.5"
        },
        {
            "introduced": "9.11.0"
        },
        {
            "last_affected": "9.11.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.9.0-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.9.3-s1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.9.10-s2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.10.5-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.10.5-s1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.10.5-s2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.11.1-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.0"
        }
    ]
}

Affected versions

Other
ondrej/008bfb6249a5f81d9e02ad4d39fda63fab57a0ad
ondrej/00ce93a69cd809810b82dbb229abf59d8e5850cc
ondrej/1a1413ff5910ace7919bb8db0a1bb1f6e9c9ff7d
ondrej/4d292fc37ff5e99462756352c6028af7d0becf74
ondrej/6d06e7e7e585e30b419e4e20815cb8233c48f7b1
ondrej/6d1fdb850516a8d1fbfa853c56a1ef7627d54a72
ondrej/761b47a64845cb647d4fa3362be538eb0e7174d9
ondrej/840e56a979c3719ded668d5aaa04b1bddce465ef
ondrej/a42afbce2e34a5f990517fee7eab013c4adb8c0a
ondrej/a5f554959ec531712f6e14a8cb8c90d87cc27932
ondrej/b177581bb230d89821d1e2e5e91f93bee3fc4192
ondrej/be1e6499742e241d71c7e79434e278a0c89d141b
ondrej/c63b7fad498dbe56710b655bd296a58abba64bb8
ondrej/d7e5f7903de06e504aac4a3822a41d69e159e370
ondrej/fb07c38697c9f4f76dcb921487c4f96813c99b69
v9.*
v9.10.0a1
v9.10.0a2
v9.10.0b1
v9.10.0b2
v9.10.0rc1
v9.11.0
v9.11.0a1
v9.11.0a2
v9.11.0a3
v9.11.1
v9.11.1b1
v9.11.1rc1
v9.11.1rc2
v9.11.1rc3
v9.12.0a1
v9.12.0b1
v9.12.0b2
v9.12.0rc1
v9.13.0
v9.13.2
v9.13.3
v9.13.4
v9.13.5
v9.13.6
v9.15.0
v9.15.2
v9.15.3
v9.15.4
v9.15.5
v9.15.6
v9.15.7
v9.15.8
v9.17.4
v9.19.0
v9.19.1
v9.19.10
v9.19.11
v9.19.12
v9.19.13
v9.19.14
v9.19.15
v9.19.16
v9.19.17
v9.19.18
v9.19.19
v9.19.2
v9.19.21
v9.19.22
v9.19.23
v9.19.24
v9.19.3
v9.19.4
v9.19.5
v9.19.6
v9.19.7
v9.19.8
v9.19.9
v9.20.0
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
v9.9.0
v9.9.1
v9.9.10
v9.9.10b1
v9.9.10rc1
v9.9.10rc2
v9.9.10rc3
v9.9.2b1
v9.9.2rc1
v9.9.3
v9.9.3b1
v9.9.3b2
v9.9.3rc1
v9.9.3rc2
v9.9.4
v9.9.4b1
v9.9.4rc1
v9.9.4rc2
v9.9.5
v9.9.5b1
v9.9.5rc1
v9.9.5rc2
v9.9.6
v9.9.6b1
v9.9.6b2
v9.9.6rc1
v9.9.6rc2
v9.9.7
v9.9.7b1
v9.9.7rc1
v9.9.7rc2
v9.9.8
v9.9.8b1
v9.9.8rc1
v9.9.9
v9.9.9b1
v9.9.9b2
v9.9.9rc1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3142.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    }
]