CVE-2001-0497 (bind)
-
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0497
© Lightnetics 2024