CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2020-8620
https://notcve.org/view.php?id=CVE-2020-8620
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. En BIND versiones 9.15.6 -) 9.16.5, 9.17.0 -) 9.17.3, un atacante que puede establecer una conexión TCP con el servidor y enviar datos en esa conexión puede explotar esto para desencadenar el fallo de aserción, causando la salida del servidor. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8620 https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap-20200827-0003 https://usn.ubuntu.com/4468-1 https://www.synology.com/security/advisory/Synology_SA_20_19 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 97%CPEs: 31EXPL: 2CVE-2020-8617 – A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
https://notcve.org/view.php?id=CVE-2020-8617
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results. Al usar un mensaje especialmente diseñado, un atacante puede causar que un servidor BIND alcance un estado inconsistente si el atacante conoce (o adivina con éxito) el nombre de una clave TSIG utilizada por el servidor. • https://www.exploit-db.com/exploits/48521 https://github.com/knqyf263/CVE-2020-8617 http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html http://www.openwall.com/lists/oss-security/2020/05/19/4 https://kb.isc.org/docs/cve-2020-8617 https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html https:/ • CWE-617: Reachable Assertion •
CVSS: 8.6EPSS: 1%CPEs: 20EXPL: 1CVE-2020-8616 – BIND does not sufficiently limit the number of fetches performed when processing referrals
https://notcve.org/view.php?id=CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. Un actor malicioso que explota intencionalmente esta falta de limitación efectiva en el número de recuperaciones realizadas cuando se procesan referencias puede, mediante el uso de referencias especialmente diseñadas, causar que un servidor recurrente emita una gran cantidad de recuperaciones en un intento de procesar la referencia. Esto tiene al menos dos efectos potenciales: el rendimiento del servidor recurrente puede estar potencialmente afectado por el trabajo adicional requerido para realizar estas recuperaciones, y el atacante puede explotar este comportamiento para utilizar el servidor recurrente como un reflector en un ataque de reflexión con un alto factor de amplificación A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html http://www.nxnsattack.com http://www.openwall.com/lists/oss-security/2020/05/19/4 https://kb.isc.org/docs/cve-2020-8616 https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ https://lists.fedoraproject.org/archi • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6469 – BIND Supported Preview Edition can exit with an assertion failure if ECS is in use
https://notcve.org/view.php?id=CVE-2019-6469
An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition. Un error en la funcionalidad EDNS Client Subnet (ECS) para los solucionadores recursivos puede hacer que BIND salga con un fallo de aserción cuando se procesa una respuesta que tiene RRSIG malformados. Versiones afectadas: BIND 9.10.5-S1 hasta 9.11.6-S1 de BIND 9 Supported Preview Edition. • https://kb.isc.org/docs/cve-2019-6469 https://support.f5.com/csp/article/K39751401?utm_source=f5support&%3Butm_medium=RSS • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6468 – BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used
https://notcve.org/view.php?id=CVE-2019-6468
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected. En BIND Supported Preview Edition, puede presentarse un error en la funcionalidad nxdomain-redirect en las versiones que admiten las funcionalidades EDNS Client Subnet (ECS). • https://kb.isc.org/docs/cve-2019-6468 https://www.synology.com/security/advisory/Synology_SA_19_20 • CWE-617: Reachable Assertion •