CVSS: 7.5EPSS: 6%CPEs: 48EXPL: 0CVE-2021-25215 – An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
https://notcve.org/view.php?id=CVE-2021-25215
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9. En BIND versiones 9.0.0 posteriores a 9.11.29, versiones 9.12.0 posteriores a 9.16.13, y BIND versiones 9.9.3-S1 posteriores a 9.11.29-S1 y versiones 9.16.8-S1 posteriores a 9.16.13-S1 de BIND Supported Preview Edition, así como versiones de lanzamiento 9.17.0 posteriores a 9.17.11 de la rama de desarrollo de BIND versión 9.17, cuando una versión vulnerable de named recibe una consulta para un registro que desencadena un fallo descrito anteriormente, el proceso named terminará debido a un comprobación de afirmación fallido. La vulnerabilidad afecta a todas las ramas de BIND 9 que se mantienen actualmente (9.11, 9.11-S, 9.16, 9.16-S, 9.17), así como a todas las demás versiones de BIND 9 A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. • http://www.openwall.com/lists/oss-security/2021/04/29/1 http://www.openwall.com/lists/oss-security/2021/04/29/2 http://www.openwall.com/lists/oss-security/2021/04/29/3 http://www.openwall.com/lists/oss-security/2021/04/29/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25215 https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce& • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 48EXPL: 0CVE-2021-25214 – A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
https://notcve.org/view.php?id=CVE-2021-25214
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. En BIND versiones 9.8.5 posteriores a 9.8.8, versiones 9.9.3 posteriores a 9.11.29, versiones 9.12.0 posteriores a 9.16.13, y BIND versiones 9.9.3-S1 posteriores a 9.11.29-S1 y versiones 9.16.8-S1 posteriores a 9.16.13-S1 de BIND 9 Supported Preview Edition, así como versiones de lanzamiento 9.17.0 posteriores a 9.17.11 de la rama de desarrollo de BIND versión 9.17, cuando una versión vulnerable de named recibe un IXFR malformado que desencadena el fallo descrito anteriormente, el proceso named finalizará debido a una aserción fallida la próxima vez que se actualice la zona secundaria transferida Incremental zone transfers (IXFR) provide a way of transferring changed portion(s) of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in question from the zone database. This leads to an assertion failure when the next SOA refresh query for that zone is made. • http://www.openwall.com/lists/oss-security/2021/04/29/1 http://www.openwall.com/lists/oss-security/2021/04/29/2 http://www.openwall.com/lists/oss-security/2021/04/29/3 http://www.openwall.com/lists/oss-security/2021/04/29/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25214 https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce& • CWE-617: Reachable Assertion •
CVSS: 8.1EPSS: 18%CPEs: 25EXPL: 0CVE-2020-8625 – A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack
https://notcve.org/view.php?id=CVE-2020-8625
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. • http://www.openwall.com/lists/oss-security/2021/02/19/1 http://www.openwall.com/lists/oss-security/2021/02/20/2 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2020-8625 https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.or • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-8624 – update-policy rules of type "subdomain" are enforced incorrectly
https://notcve.org/view.php?id=CVE-2020-8624
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. En BIND versiones 9.9.12 -) 9.9.13, 9.10.7 -) 9.10.8, 9.11.3 -) 9.11.21, 9.12.1 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.9 .12-S1 -) 9.9.13-S1, 9.11.3-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante a quien le han sido otorgado privilegios para cambiar un subconjunto específico del contenido de la zona podría abusar de estos privilegios adicionales no previstos para actualizar otros contenidos de la zona. A flaw was found in bind. Updates to "Update-policy" rules of type "subdomain" are treated as if they were of type "zonesub" which allows updates to all parts of the zone along with the intended subdomain. The highest threat from this vulnerability is to data integrity. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8624 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap- • CWE-269: Improper Privilege Management CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 2%CPEs: 16EXPL: 0CVE-2020-8623 – A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
https://notcve.org/view.php?id=CVE-2020-8623
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker En BIND versiones 9.10.0 -) 9.11.21, 9.12.0 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.10.5-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante que puede llegar a un sistema vulnerable con un paquete de consulta especialmente diseñado puede desencadenar un bloqueo. Para ser vulnerable, el sistema debe: * estar ejecutando BIND que fue creado con "--enable-native-pkcs11" * estar firmando una o más zonas con una clave RSA * ser capaz de recibir consultas de un posible atacante A flaw was found in bind. An assertion failure can occur when a specially crafted query for a zone signed with an RSA key. BIND must be compiled with "--enable-native-pkcs11" for the system to be affected. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8623 https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security. • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •