Количество 15
Количество 15
CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
CVE-2020-8622
A truncated TSIG response can lead to an assertion failure
CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also aff ...
SUSE-SU-2021:2876-1
Security update for bind
GHSA-fh6r-7j2f-pmw4
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
ELSA-2020-4183
ELSA-2020-4183: bind security update (MODERATE)
BDU:2021-01725
Уязвимость пакета создающий DNS-сервер Bind9, связанная с недостатком использования функции assert(), позволяющая нарушителю вызвать отказ в обслуживании
SUSE-RU-2020:2915-1
Recommended update for bind
ELSA-2020-5011
ELSA-2020-5011: bind security and bug fix update (MODERATE)
ELSA-2020-4500
ELSA-2020-4500: bind security, bug fix, and enhancement update (MODERATE)
openSUSE-SU-2020:1701-1
Security update for bind
openSUSE-SU-2020:1699-1
Security update for bind
SUSE-SU-2020:2914-1
Security update for bind
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-8622 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. | CVSS3: 6.5 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-8622 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. | CVSS3: 6.5 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-8622 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. | CVSS3: 6.5 | 2% Низкий | больше 5 лет назад |
 | CVE-2020-8622 A truncated TSIG response can lead to an assertion failure | CVSS3: 6.5 | 2% Низкий | больше 5 лет назад |
| CVE-2020-8622 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also aff ... | CVSS3: 6.5 | 2% Низкий | больше 5 лет назад |
 | SUSE-SU-2021:2876-1 Security update for bind | 2% Низкий | больше 4 лет назад | |
| GHSA-fh6r-7j2f-pmw4 In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. | CVSS3: 6.5 | 2% Низкий | больше 3 лет назад |
| ELSA-2020-4183 ELSA-2020-4183: bind security update (MODERATE) | больше 5 лет назад | ||
 | BDU:2021-01725 Уязвимость пакета создающий DNS-сервер Bind9, связанная с недостатком использования функции assert(), позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 2% Низкий | больше 5 лет назад |
| SUSE-RU-2020:2915-1 Recommended update for bind | больше 5 лет назад | ||
| ELSA-2020-5011 ELSA-2020-5011: bind security and bug fix update (MODERATE) | около 5 лет назад | ||
| ELSA-2020-4500 ELSA-2020-4500: bind security, bug fix, and enhancement update (MODERATE) | около 5 лет назад | ||
| openSUSE-SU-2020:1701-1 Security update for bind | больше 5 лет назад | ||
| openSUSE-SU-2020:1699-1 Security update for bind | больше 5 лет назад | ||
| SUSE-SU-2020:2914-1 Security update for bind | больше 5 лет назад |
Уязвимостей на страницу