June 29th, 2017
Men & Mice announces the release of Version 7.1.14 of the Men & Mice Suite.
This is a maintenance release containing a bug fix in a 3rd party software on the Men & Mice appliances.
- BIND on the appliances has been patched to address the issues in the following vulnerabilities
An attacker able to send and receive messages to an authoritative
DNS server may be able to circumvent TSIG authentication of AXFR
requests via a carefully constructed request packet.
An attacker who is able to send and receive messages to an
authoritative DNS server and who has knowledge of a valid TSIG
key name for the zone and service being targeted may be able to
manipulate BIND into accepting a dynamic update.