CVE-2020-8617

Published: 19 May 2020
Source: redhat
CVSS3: 7.5

Description

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.

An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reach an inconsistent state or cause a denial of service. A majority of BIND servers have an internally-generated TSIG session key whose name is trivially guessable, and that key exposes the vulnerability unless specifically disabled.

Report

Upstream has released additional information about this flaw. Details are available at: https://kb.isc.org/docs/cve-2020-8617-faq-and-supplemental-information

Mitigation

BIND servers have an internally-generated TSIG session key whose name is trivially guessable, and that key exposes the vulnerability unless specifically disabled. As a workaround, upstream recommends setting session-keyname to a random value. The option can be added to the named.conf configuration file.
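A configuration audit for the workaround above, as an added example (not Red Hat's or ISC's code): it reads named.conf text, finds session-keyname in the options block and reports whether the server still runs with the default key name. The default name local-ddns comes from the BIND documentation rather than from this page; the sample configs and the "sk-" prefix are constructed for illustration.

```python
import re
import secrets

DEFAULT_KEYNAME = "local-ddns"  # BIND's documented default when the option is unset
# Constructed sample configs (not taken from any real server).
SAMPLE_DEFAULT = '''options {
    directory "/var/named";
    // session-keyname "commented-out";
    allow-query { any; };
};'''
SAMPLE_OVERRIDE = '''options {
    directory "/var/named";  # constructed value below
    session-keyname "sk-3f9c1a7e5b2d4c68";
};'''

def strip_comments(conf):
    """Drop /* */, // and # comments while leaving quoted strings intact."""
    pat = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
    return pat.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", conf)

def options_block(conf):
    """Return the body of the options { ... } statement, or '' if absent."""
    start = re.search(r'(?<![\w-])options\s*\{', conf)
    if not start:
        return ""
    depth, i, in_str = 1, start.end(), False
    while i < len(conf) and depth:
        c = conf[i]
        if in_str:
            if c == "\\":
                i += 1              # skip the escaped character
            elif c == '"':
                in_str = False
        elif c == '"':
            in_str = True
        elif c in "{}":
            depth += 1 if c == "{" else -1
        i += 1
    return conf[start.end():i - 1]

def audit_session_keyname(conf):
    body = options_block(strip_comments(conf))
    m = re.search(r'(?<![\w-])session-keyname\s+"?([^\s";]+)"?\s*;', body)
    name = m.group(1) if m else DEFAULT_KEYNAME
    return {"explicit": bool(m), "name": name,
            "uses_default": name.lower() == DEFAULT_KEYNAME}

def random_keyname():
    return "sk-" + secrets.token_hex(16)  # 128 bits from the OS CSPRNG
```

A result with "uses_default" set to True means the workaround is not in place; random_keyname() produces a value suitable for the session-keyname option.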

Affected packages

| Platform | Package | State | Advisory | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 5 | bind | Out of support scope | | |
| Red Hat Enterprise Linux 5 | bind97 | Out of support scope | | |
| Red Hat Enterprise Linux 6 | bind | Fixed | RHSA-2020:2383 | 03.06.2020 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | bind | Fixed | RHSA-2020:3379 | 10.08.2020 |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | bind | Fixed | RHSA-2020:3378 | 10.08.2020 |
| Red Hat Enterprise Linux 7 | bind | Fixed | RHSA-2020:2344 | 01.06.2020 |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | bind | Fixed | RHSA-2020:3471 | 18.08.2020 |
| Red Hat Enterprise Linux 7.3 Advanced Update Support | bind | Fixed | RHSA-2020:3470 | 18.08.2020 |
| Red Hat Enterprise Linux 7.3 Telco Extended Update Support | bind | Fixed | RHSA-2020:3470 | 18.08.2020 |
| Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions | bind | Fixed | RHSA-2020:3470 | 18.08.2020 |


Additional information

Status: Important
Defect: CWE-617
https://bugzilla.redhat.com/show_bug.cgi?id=1836124
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

CVSS3: 7.5 High

Related vulnerabilities

CVSS3: 7.5
ubuntu
more than 5 years ago

CVSS3: 7.5
nvd
more than 5 years ago

CVSS3: 7.5
debian
more than 5 years ago

Using a specially-crafted message, an attacker may potentially cause a ...

CVSS3: 5.9
github
more than 3 years ago

CVSS3: 5.3
fstec
more than 5 years ago

Vulnerability in the tsig.c component of the BIND DNS server that allows an attacker to cause a denial of service