Vulnerability Name: | CVE-2001-0497 (CCN-6694) |
Assigned: | 2001-06-13 |
Published: | 2001-06-13 |
Updated: | 2018-09-20 |
Summary: | dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
|
CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) |
Exploitability Metrics: | Attack Vector (AV): Local; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None |
Scope: | Scope (S): Unchanged |
Impact Metrics: | Confidentiality (C): Low; Integrity (I): Low; Availability (A): Low |
CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P) |
Exploitability Metrics: | Access Vector (AV): Local; Access Complexity (AC): Low; Authentication (Au): None |
Impact Metrics: | Confidentiality (C): Partial; Integrity (I): Partial; Availability (A): Partial |
CCN CVSS v2 Severity: | 4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P) |
Exploitability Metrics: | Access Vector (AV): Local; Access Complexity (AC): Low; Authentication (Au): None |
Impact Metrics: | Confidentiality (C): Partial; Integrity (I): Partial; Availability (A): Partial |
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | Obtain Information |
References: | Source: MITRE Type: CNA CVE-2001-0497
Source: CCN Type: CIAC Information Bulletin L-094 BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys
Source: CCN Type: Internet Software Consortium (ISC) Web site ISC BIND
Source: CCN Type: Internet Security Systems Security Alert #78 BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys
Source: OSVDB Type: Broken Link 5609
Source: CCN Type: OSVDB ID: 5609 ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
Source: ISS Type: Patch, Vendor Advisory 20010611 BIND Inadvertent Local Exposure of HMAC-MD5 (TSIG) Keys
Source: XF Type: Third Party Advisory, VDB Entry bind-local-key-exposure(6694)
Source: XF Type: UNKNOWN bind-local-key-exposure(6694)
|
Vulnerable Configuration: | Configuration 1:
cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version <= 8.2.4)
OR cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.0 and <= 9.1.2)
Configuration CCN 1:
cpe:/a:isc:bind:8.2:-:*:*:*:*:*:*
OR cpe:/a:isc:bind:8.2:p1:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.1.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.1.2:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:*
OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.4.4:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.4.5:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:9.0:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:9.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:9.1.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:9.1.2:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:*
OR cpe:/a:isc:bind:4.9:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.3:t1a:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.2.3:t9b:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.5:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.3.6:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.4:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.4.1:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:8.4.7:*:*:*:-:*:*:*
OR cpe:/a:isc:bind:9.0.1:*:*:*:-:*:*:* |