Описание
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| bind9 | fixed | 1:9.16.4-1 | package | |
| bind9 | not-affected | buster | package | |
| bind9 | not-affected | stretch | package | |
| bind9 | not-affected | jessie | package |
Примечания
https://kb.isc.org/docs/cve-2020-8618
https://gitlab.isc.org/isc-projects/bind9/-/issues/1850
EPSS
Связанные уязвимости
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
EPSS