Page 3 of 23 results (0.011 seconds)

CVSS: 9.8EPSS: 44%CPEs: 45EXPL: 0

In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built: For named binaries compiled for 64-bit platforms, this flaw can be used to trigger a buffer over-read, leading to a server crash. For named binaries compiled for 32-bit platforms, this flaw can be used to trigger a server crash due to a buffer overflow and possibly also to achieve remote code execution. • http://www.openwall.com/lists/oss-security/2021/04/29/1 http://www.openwall.com/lists/oss-security/2021/04/29/2 http://www.openwall.com/lists/oss-security/2021/04/29/3 http://www.openwall.com/lists/oss-security/2021/04/29/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25215 https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html https://security.netapp.com/advisory/ntap-20210521-0006 http • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 6%CPEs: 48EXPL: 0

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9. En BIND versiones 9.0.0 posteriores a 9.11.29, versiones 9.12.0 posteriores a 9.16.13, y BIND versiones 9.9.3-S1 posteriores a 9.11.29-S1 y versiones 9.16.8-S1 posteriores a 9.16.13-S1 de BIND Supported Preview Edition, así como versiones de lanzamiento 9.17.0 posteriores a 9.17.11 de la rama de desarrollo de BIND versión 9.17, cuando una versión vulnerable de named recibe una consulta para un registro que desencadena un fallo descrito anteriormente, el proceso named terminará debido a un comprobación de afirmación fallido. La vulnerabilidad afecta a todas las ramas de BIND 9 que se mantienen actualmente (9.11, 9.11-S, 9.16, 9.16-S, 9.17), así como a todas las demás versiones de BIND 9 A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. • http://www.openwall.com/lists/oss-security/2021/04/29/1 http://www.openwall.com/lists/oss-security/2021/04/29/2 http://www.openwall.com/lists/oss-security/2021/04/29/3 http://www.openwall.com/lists/oss-security/2021/04/29/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25215 https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce& • CWE-617: Reachable Assertion •

CVSS: 6.5EPSS: 0%CPEs: 48EXPL: 0

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. En BIND versiones 9.8.5 posteriores a 9.8.8, versiones 9.9.3 posteriores a 9.11.29, versiones 9.12.0 posteriores a 9.16.13, y BIND versiones 9.9.3-S1 posteriores a 9.11.29-S1 y versiones 9.16.8-S1 posteriores a 9.16.13-S1 de BIND 9 Supported Preview Edition, así como versiones de lanzamiento 9.17.0 posteriores a 9.17.11 de la rama de desarrollo de BIND versión 9.17, cuando una versión vulnerable de named recibe un IXFR malformado que desencadena el fallo descrito anteriormente, el proceso named finalizará debido a una aserción fallida la próxima vez que se actualice la zona secundaria transferida Incremental zone transfers (IXFR) provide a way of transferring changed portion(s) of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in question from the zone database. This leads to an assertion failure when the next SOA refresh query for that zone is made. • http://www.openwall.com/lists/oss-security/2021/04/29/1 http://www.openwall.com/lists/oss-security/2021/04/29/2 http://www.openwall.com/lists/oss-security/2021/04/29/3 http://www.openwall.com/lists/oss-security/2021/04/29/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25214 https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce& • CWE-617: Reachable Assertion •

CVSS: 8.1EPSS: 18%CPEs: 25EXPL: 0

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. • http://www.openwall.com/lists/oss-security/2021/02/19/1 http://www.openwall.com/lists/oss-security/2021/02/20/2 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2020-8625 https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.or • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. En BIND versiones 9.9.12 -) 9.9.13, 9.10.7 -) 9.10.8, 9.11.3 -) 9.11.21, 9.12.1 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.9 .12-S1 -) 9.9.13-S1, 9.11.3-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante a quien le han sido otorgado privilegios para cambiar un subconjunto específico del contenido de la zona podría abusar de estos privilegios adicionales no previstos para actualizar otros contenidos de la zona. A flaw was found in bind. Updates to "Update-policy" rules of type "subdomain" are treated as if they were of type "zonesub" which allows updates to all parts of the zone along with the intended subdomain. The highest threat from this vulnerability is to data integrity. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8624 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap- • CWE-269: Improper Privilege Management CWE-400: Uncontrolled Resource Consumption •