CVSS: 6.8EPSS: 0%CPEs: 166EXPL: 0CVE-2021-25220 – DNS forwarders - cache poisoning vulnerability
https://notcve.org/view.php?id=CVE-2021-25220
17 Mar 2022 — BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. BIND versiones 9.11... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.3EPSS: 0%CPEs: 51EXPL: 0CVE-2021-25219 – Lame cache can be abused to severely degrade resolver performance
https://notcve.org/view.php?id=CVE-2021-25219
27 Oct 2021 — In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant d... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-25218 – A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use
https://notcve.org/view.php?id=CVE-2021-25218
18 Aug 2021 — In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition. En BIND versiones 9.16.19, 9.17.16. Además, la versión 9.16.19-S1 de BIND Supported Preview Edition. • http://www.openwall.com/lists/oss-security/2021/08/18/3 • CWE-617: Reachable Assertion •
CVSS: 8.8EPSS: 0%CPEs: 57EXPL: 1CVE-2021-25217 – A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient
https://notcve.org/view.php?id=CVE-2021-25217
26 May 2021 — In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component b... • http://www.openwall.com/lists/oss-security/2021/05/26/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 24%CPEs: 45EXPL: 0CVE-2021-25216 – A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack
https://notcve.org/view.php?id=CVE-2021-25216
29 Apr 2021 — In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for... • http://www.openwall.com/lists/oss-security/2021/04/29/1 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 48EXPL: 0CVE-2021-25214 – A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
https://notcve.org/view.php?id=CVE-2021-25214
29 Apr 2021 — In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. En BIND versiones 9.8.5 posteriores a 9.8.8, v... • http://www.openwall.com/lists/oss-security/2021/04/29/1 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 48EXPL: 0CVE-2021-25215 – An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
https://notcve.org/view.php?id=CVE-2021-25215
29 Apr 2021 — In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as... • http://www.openwall.com/lists/oss-security/2021/04/29/1 • CWE-617: Reachable Assertion •
CVSS: 8.1EPSS: 2%CPEs: 25EXPL: 0CVE-2020-8625 – A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack
https://notcve.org/view.php?id=CVE-2020-8625
17 Feb 2021 — BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-ser... • http://www.openwall.com/lists/oss-security/2021/02/19/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-8622 – A truncated TSIG response can lead to an assertion failure
https://notcve.org/view.php?id=CVE-2020-8622
21 Aug 2020 — In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the pack... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 2%CPEs: 16EXPL: 0CVE-2020-8623 – A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
https://notcve.org/view.php?id=CVE-2020-8623
21 Aug 2020 — In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker En BIND versiones 9.10.0 -) 9.11.21, 9.12.0 -) 9.16.5, 9.17.0 -) 9... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •