CVE-2020-8616

BIND does not sufficiently limit the number of fetches performed when processing referrals

Severity Score

8.6

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

Un actor malicioso que explota intencionalmente esta falta de limitación efectiva en el número de recuperaciones realizadas cuando se procesan referencias puede, mediante el uso de referencias especialmente diseñadas, causar que un servidor recurrente emita una gran cantidad de recuperaciones en un intento de procesar la referencia. Esto tiene al menos dos efectos potenciales: el rendimiento del servidor recurrente puede estar potencialmente afectado por el trabajo adicional requerido para realizar estas recuperaciones, y el atacante puede explotar este comportamiento para utilizar el servidor recurrente como un reflector en un ataque de reflexión con un alto factor de amplificación

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

*Credits: ISC would like to thank Lior Shafir and Yehuda Afek of Tel Aviv University and Anat Bremler-Barr of Interdisciplinary Center (IDC) Herzliya for discovering and reporting this issue.

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-02-05 CVE Reserved
2020-05-19 CVE Published
2024-09-12 EPSS Updated
2024-09-16 CVE Updated
2024-09-16 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (15)

URL	Tag	Source
https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html	Mailing List
https://security.netapp.com/advisory/ntap-20200522-0002	X_refsource_confirm
https://www.synology.com/security/advisory/Synology_SA_20_12	X_refsource_confirm

URL	Date	SRC
http://www.nxnsattack.com	2024-09-16

URL	Date	SRC
http://www.openwall.com/lists/oss-security/2020/05/19/4	2023-11-07
https://kb.isc.org/docs/cve-2020-8616	2023-11-07

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html	2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI	2023-11-07
https://usn.ubuntu.com/4365-1	2023-11-07
https://usn.ubuntu.com/4365-2	2023-11-07
https://www.debian.org/security/2020/dsa-4689	2023-11-07
https://access.redhat.com/security/cve/CVE-2020-8616	2020-08-18
https://bugzilla.redhat.com/show_bug.cgi?id=1836118	2020-08-18

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.0.0 <= 9.11.18 Search vendor "Isc" for product "Bind" and version " >= 9.0.0 <= 9.11.18"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.12.0 <= 9.12.4 Search vendor "Isc" for product "Bind" and version " >= 9.12.0 <= 9.12.4"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.13.0 <= 9.13.7 Search vendor "Isc" for product "Bind" and version " >= 9.13.0 <= 9.13.7"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.14.0 <= 9.14.11 Search vendor "Isc" for product "Bind" and version " >= 9.14.0 <= 9.14.11"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.15.0 <= 9.15.6 Search vendor "Isc" for product "Bind" and version " >= 9.15.0 <= 9.15.6"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.16.0 <= 9.16.2 Search vendor "Isc" for product "Bind" and version " >= 9.16.0 <= 9.16.2"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.17.0 <= 9.17.1 Search vendor "Isc" for product "Bind" and version " >= 9.17.0 <= 9.17.1"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.12.4 Search vendor "Isc" for product "Bind" and version "9.12.4"		p1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.12.4 Search vendor "Isc" for product "Bind" and version "9.12.4"		p2		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.3 Search vendor "Isc" for product "Bind" and version "9.9.3"		s1, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.5 Search vendor "Isc" for product "Bind" and version "9.10.5"		s1, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.7 Search vendor "Isc" for product "Bind" and version "9.10.7"		s1, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.3 Search vendor "Isc" for product "Bind" and version "9.11.3"		s1, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.5 Search vendor "Isc" for product "Bind" and version "9.11.5"		s3, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.5 Search vendor "Isc" for product "Bind" and version "9.11.5"		s5, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.6 Search vendor "Isc" for product "Bind" and version "9.11.6"		s1, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.7 Search vendor "Isc" for product "Bind" and version "9.11.7"		s1, supported_preview		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.8 Search vendor "Isc" for product "Bind" and version "9.11.8"		s1, supported_preview		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0"		-		Affected