Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-8622

Опубликовано: 20 авг. 2020
Источник: redhat
CVSS3: 6.5
EPSS Низкий

Описание

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.

A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5bindOut of support scope
Red Hat Enterprise Linux 5bind97Out of support scope
Red Hat Enterprise Linux 6bindFixedRHSA-2020:418307.10.2020
Red Hat Enterprise Linux 7bindFixedRHSA-2020:501110.11.2020
Red Hat Enterprise Linux 7.6 Extended Update SupportbindFixedRHSA-2020:499210.11.2020
Red Hat Enterprise Linux 7.7 Extended Update SupportbindFixedRHSA-2020:520324.11.2020
Red Hat Enterprise Linux 8bindFixedRHSA-2020:450004.11.2020
Red Hat Enterprise Linux 8bindFixedRHSA-2020:450004.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1869473bind: truncated TSIG response can lead to an assertion failure

EPSS

Процентиль: 85%
0.02402
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-8622

CVSS3: 6.5
ubuntu
больше 5 лет назад

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.

nvd логотип

CVE-2020-8622

CVSS3: 6.5
nvd
больше 5 лет назад

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.

msrc логотип

CVE-2020-8622

CVSS3: 6.5
msrc
больше 5 лет назад

A truncated TSIG response can lead to an assertion failure

debian логотип

CVE-2020-8622

CVSS3: 6.5
debian
больше 5 лет назад

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also aff ...

suse-cvrf логотип

SUSE-SU-2021:2876-1

suse-cvrf
больше 4 лет назад

Security update for bind

EPSS

Процентиль: 85%
0.02402
Низкий

6.5 Medium

CVSS3