Page 6 of 133 results (0.011 seconds)

CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. En BIND versiones 9.15.6 -) 9.16.5, 9.17.0 -) 9.17.3, un atacante que puede establecer una conexión TCP con el servidor y enviar datos en esa conexión puede explotar esto para desencadenar el fallo de aserción, causando la salida del servidor. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8620 https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap-20200827-0003 https://usn.ubuntu.com/4468-1 https://www.synology.com/security/advisory/Synology_SA_20_19 • CWE-617: Reachable Assertion •

CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable. En las versiones ISC BIND9 BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: A menos que un servidor de nombres proporcione un servicio autorizado para una o más zonas y al menos una zona contenga una entrada sin terminal vacía que contenga un carácter asterisco ("*"), este defecto no puede ser encontrado. Un posible atacante al que se le permite cambiar el contenido de la zona, podría introducir teóricamente dicho registro para explotar esta condición y causar una denegación de servicio, aunque consideramos que el uso de este vector es poco probable porque cualquier ataque requeriría de un nivel de privilegio significativo y que sea fácilmente rastreable A flaw was found in bind when an asterisk character is present in an empty non-terminal location within the DNS graph. This flaw could trigger an assertion failure, causing bind to crash. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8619 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX https://security.netapp.com/advisory/ntap-20200625-0003 https://usn.ubuntu.com/4399-1 • CWE-404: Improper Resource Shutdown or Release CWE-617: Reachable Assertion •

CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients. Un atacante al que se le permite enviar datos de zona a un servidor mediante la transferencia de zona puede explotar esto para provocar intencionalmente el fallo de aserción con una zona especialmente construida, negando el servicio a los clientes • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8618 https://security.netapp.com/advisory/ntap-20200625-0003 https://usn.ubuntu.com/4399-1 • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 97%CPEs: 31EXPL: 2

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results. Al usar un mensaje especialmente diseñado, un atacante puede causar que un servidor BIND alcance un estado inconsistente si el atacante conoce (o adivina con éxito) el nombre de una clave TSIG utilizada por el servidor. • https://www.exploit-db.com/exploits/48521 https://github.com/knqyf263/CVE-2020-8617 http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html http://www.openwall.com/lists/oss-security/2020/05/19/4 https://kb.isc.org/docs/cve-2020-8617 https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html https:/ • CWE-617: Reachable Assertion •

CVSS: 8.6EPSS: 1%CPEs: 20EXPL: 1

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. Un actor malicioso que explota intencionalmente esta falta de limitación efectiva en el número de recuperaciones realizadas cuando se procesan referencias puede, mediante el uso de referencias especialmente diseñadas, causar que un servidor recurrente emita una gran cantidad de recuperaciones en un intento de procesar la referencia. Esto tiene al menos dos efectos potenciales: el rendimiento del servidor recurrente puede estar potencialmente afectado por el trabajo adicional requerido para realizar estas recuperaciones, y el atacante puede explotar este comportamiento para utilizar el servidor recurrente como un reflector en un ataque de reflexión con un alto factor de amplificación A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html http://www.nxnsattack.com http://www.openwall.com/lists/oss-security/2020/05/19/4 https://kb.isc.org/docs/cve-2020-8616 https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ https://lists.fedoraproject.org/archi • CWE-400: Uncontrolled Resource Consumption •