CVSS: 8.6EPSS: 3%CPEs: 20EXPL: 1CVE-2020-8616 – BIND does not sufficiently limit the number of fetches performed when processing referrals
https://notcve.org/view.php?id=CVE-2020-8616
19 May 2020 — A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to us... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 92%CPEs: 31EXPL: 5CVE-2020-8617 – A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
https://notcve.org/view.php?id=CVE-2020-8617
19 May 2020 — Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately e... • https://packetstorm.news/files/id/180550 • CWE-617: Reachable Assertion •
CVSS: 8.6EPSS: 2%CPEs: 78EXPL: 0CVE-2018-5743 – Limiting simultaneous TCP clients was ineffective
https://notcve.org/view.php?id=CVE-2018-5743
25 Apr 2019 — By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.... • https://kb.isc.org/docs/cve-2018-5743 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 1%CPEs: 15EXPL: 0CVE-2019-6465 – Zone transfer controls for writable DLZ zones were not effective
https://notcve.org/view.php?id=CVE-2019-6465
22 Feb 2019 — Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465. Los controles para las transferencias de zona pueden no ser aplicados ... • https://access.redhat.com/errata/RHSA-2019:3552 • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.9EPSS: 0%CPEs: 12EXPL: 0CVE-2018-5745 – An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys
https://notcve.org/view.php?id=CVE-2018-5745
22 Feb 2019 — "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions ... • https://access.redhat.com/errata/RHSA-2019:3552 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5741 – Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation
https://notcve.org/view.php?id=CVE-2018-5741
16 Jan 2019 — To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 39%CPEs: 26EXPL: 1CVE-2018-5740 – A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named
https://notcve.org/view.php?id=CVE-2018-5740
28 Aug 2018 — "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. "deny-answer-aliases" es una característica poco utilizada que ... • https://github.com/sischkg/cve-2018-5740 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 11%CPEs: 72EXPL: 0CVE-2017-3145 – Improper fetch cleanup sequencing in the resolver can cause named to crash
https://notcve.org/view.php?id=CVE-2017-3145
16 Jan 2018 — BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1. BIND secuenciaba incorrectamente las operaciones de limpieza en contextos fetch de recursión ascendente, lo que conduce en algunos casos a un error de uso de memoria ... • http://www.securityfocus.com/bid/102716 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 3%CPEs: 28EXPL: 0CVE-2017-3142 – An error in TSIG authentication can permit unauthorized zone transfers
https://notcve.org/view.php?id=CVE-2017-3142
30 Jun 2017 — An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0... • http://www.securityfocus.com/bid/99339 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 28%CPEs: 28EXPL: 1CVE-2017-3143 – An error in TSIG authentication can permit unauthorized dynamic updates
https://notcve.org/view.php?id=CVE-2017-3143
30 Jun 2017 — An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. Un atacante que pueda enviar y recibir mensajes a un servidor DNS autoritativo y que conozca un nombre de clave TSIG válido para la zona ... • https://github.com/saaph/CVE-2017-3143 • CWE-287: Improper Authentication •