CVE-2020-8617

Status Candidate

Overview

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check, the server would continue operating in an inconsistent state, with potentially harmful results.

Related Files

Red Hat Security Advisory 2020-3475-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3475-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 2dd636fea7e0cd4fa94508d728aee804
Red Hat Security Advisory 2020-3470-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3470-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 46c3dcd8832a698a70eff7357261ec11
Red Hat Security Advisory 2020-3471-01
Posted Aug 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3471-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | ea995a2ae04d35d5cd5e454d9d275ec2
Red Hat Security Advisory 2020-3433-01
Posted Aug 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3433-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 9e4e1d5c6e3937cd76aea54e46330e54
Red Hat Security Advisory 2020-3379-01
Posted Aug 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3379-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | f91b3df8a8eebc8205c3ba022fe3d087
Red Hat Security Advisory 2020-3378-01
Posted Aug 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3378-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 7ae0d56c5d06f5ca004ef35ff8a86769
Red Hat Security Advisory 2020-2893-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2893-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8617
MD5 | 01b1b1aaa424ee689cb1c7f7f41e409c
Red Hat Security Advisory 2020-2595-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2595-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1750, CVE-2020-8616, CVE-2020-8617
MD5 | bf6d357bfb4dbbd15b7e7767bb19110a
Red Hat Security Advisory 2020-2449-01
Posted Jun 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2449-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8555, CVE-2020-8616, CVE-2020-8617
MD5 | 964ebe3752d8f59971bd6efe181b4037
Red Hat Security Advisory 2020-2441-01
Posted Jun 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2441-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a server-side request forgery vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8555, CVE-2020-8616, CVE-2020-8617
MD5 | 36c67be350f70ceb17e377869f9abb1c
Red Hat Security Advisory 2020-2439-01
Posted Jun 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2439-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1750, CVE-2020-8616, CVE-2020-8617
MD5 | 0d86a40eb3e65485bdf9380eed6942bc
Red Hat Security Advisory 2020-2404-01
Posted Jun 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2404-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. Fetch limitation and logic errors were addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 731be848d6b8772086617406ef6c30c2
Red Hat Security Advisory 2020-2383-01
Posted Jun 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2383-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals as well as an issue where a logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | e92db49e925089bf66c1739a06cdd557
Red Hat Security Advisory 2020-2345-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2345-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 1184c25b0bf931b7f9f86dd4d6f36e7e
Red Hat Security Advisory 2020-2344-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2344-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An issue was addressed where BIND does not sufficiently limit the number of fetches performed when processing referrals.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | d0d173ebdd746f72b192287697bdc301
Red Hat Security Advisory 2020-2338-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2338-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | a2e80d58f6aebde69885e7fefe2a3aee
BIND TSIG Denial Of Service
Posted May 27, 2020
Authored by Teppei Fukuda

BIND TSIG denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2020-8617
MD5 | e51df7d7af4c4c6758585060581d38b8
Ubuntu Security Notice USN-4365-2
Posted May 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-2 - USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | 5b0e56c1eabe20b3f39807b88f195a78
Ubuntu Security Notice USN-4365-1
Posted May 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4365-1 - Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. Tobias Klein discovered that Bind incorrectly handled checking TSIG validity. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly perform other attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-8616, CVE-2020-8617
MD5 | d997e46eed2a4a36615bb449b70ab0cb