what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

CVE-2020-8617

Status Candidate

Overview

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.

Related Files

BIND TSIG Badtime Query Denial of Service
Posted Aug 31, 2024
Authored by Tobias Klein, Shuto Imai | Site metasploit.com

A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c.

tags | exploit
advisories | CVE-2020-8617
SHA-256 | 147811b054c922122feaf56704105032929fea6ae4759c47e6c473671c684671
Red Hat Security Advisory 2020-3475-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3475-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 4d1b212ed310460f7c14cebdc457a408ed5077e1a54519e2fba54bd4d3b6d5cf
Red Hat Security Advisory 2020-3470-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3470-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 8c41ef985a873c34e1500d6376c72a14c1a08e4450eb1f0dd62bf66526444b1c
Red Hat Security Advisory 2020-3471-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3471-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 9c986b6214b7254cf4e6b3b36b5e907fefe8a2ac4dfebf0306f1e7acd21daa8f
Red Hat Security Advisory 2020-3433-01
Posted Aug 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3433-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | bc35196fc23412754114675665e67a3d69cf7c2e0e500412552ff545649b0fd2
Red Hat Security Advisory 2020-3379-01
Posted Aug 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3379-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 62f55f5dc4b23f7d6240f8e34a967935fbfd154bf33844b52aeb5c14727bdc6d
Red Hat Security Advisory 2020-3378-01
Posted Aug 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3378-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | dc1ee1527a1d2a7f98f85f3049c4127e428f0b01cc4876cd907aa8db66d80a2b
Red Hat Security Advisory 2020-2893-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2893-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8617
SHA-256 | 5d0f5d9fc4749fd163e749bd04413103f42bd442f2af434b20770477312439d1
Red Hat Security Advisory 2020-2595-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2595-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1750, CVE-2020-8616, CVE-2020-8617
SHA-256 | 2dc2027788a2469b52ac06d8c4d6495cafd25c31f8ca4b7ed6e5aeb5002d87e2
Red Hat Security Advisory 2020-2449-01
Posted Jun 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2449-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8555, CVE-2020-8616, CVE-2020-8617
SHA-256 | 2c91dca409142d53b6de9ac8d19ee8eb677bd55bc39d4e80926d9c1e1f84857d
Red Hat Security Advisory 2020-2441-01
Posted Jun 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2441-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8555, CVE-2020-8616, CVE-2020-8617
SHA-256 | b06eb8d7d3f7084c2226065d1437773d0e25232f6516022fb24987e7589bc98c
Red Hat Security Advisory 2020-2439-01
Posted Jun 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2439-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1750, CVE-2020-8616, CVE-2020-8617
SHA-256 | 58b0a27aa9a90942ff2bec06634c08e8e3873b89b6743ec4c15cf6712c74bd49
Red Hat Security Advisory 2020-2404-01
Posted Jun 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2404-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. Fetch limitation and logic errors were addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 47243a4457d50457d3883bf9f3e25b574afb32b07c68f75964e45b41139f98bb
Red Hat Security Advisory 2020-2383-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2383-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals as well as an issue where a logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | fe10f4f1ba40599a3ec6cfcfc4f4743f42397b4f5d36f372d59f945a76c2b6f0
Red Hat Security Advisory 2020-2345-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2345-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 5334c77176ff6cfe17985fafa81c674e6c959c8f06c90bb3de7fabc34dc2d729
Red Hat Security Advisory 2020-2344-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2344-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | eba43773b3d1ded90f4c1e0901018f90fd2cb8a03f045802d942f3a345a0875e
Red Hat Security Advisory 2020-2338-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2338-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | e6a2c73a2a4b38c1487faacabaaebda854a4acb40e748164c0484aced16dfe20
Debian Security Advisory 4689-1
Posted May 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4689-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2019-6477, CVE-2020-8616, CVE-2020-8617
SHA-256 | 96c2db1c832c3227b5a973f46df47ac93ec1ba53a83a6ee66f99e63722d11f9b
BIND TSIG Denial Of Service
Posted May 27, 2020
Authored by Teppei Fukuda

BIND TSIG denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2020-8617
SHA-256 | d5de081d8f074ab17f17ab3bb8bf92ccf47e34c228b15fc1557bfc3b911a004c
Ubuntu Security Notice USN-4365-2
Posted May 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-2 - USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 8cd4885ea870121ddb49aa2e9497c23e099b8e054c205f6250e8608d3a33b714
Ubuntu Security Notice USN-4365-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-1 - Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
SHA-256 | 826073d220a4b92d755927eeeecec741e50cb7d5ec3122c14816b9effaaa58cc
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close