ISC BIND9 vulnerabilities

23 known vulnerabilities affecting isc/bind9.

Total CVEs: 23
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 14, MEDIUM 8

Vulnerabilities

Page 2 of 2
CVE-2020-8616 | HIGH | CVSS 8.6 | 2020-05-19
Affected: v9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1
CVE-2020-8616 [HIGH] CWE-400: A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance o
Sources: cvelistv5, nvd

CVE-2020-8617 | MEDIUM | CVSS 5.9 | PoC | 2020-05-19
Affected: v9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1
CVE-2020-8617 [HIGH] CWE-617: Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND
Sources: cvelistv5, nvd

CVE-2019-6477 | HIGH | CVSS 7.5 | 2019-11-26
Affected: v9.11.6-P1 -> 9.11.12, 9.12.4-P1 -> 9.12.4-P2, 9.14.1 -> 9.14.7, and versions 9.11.5-S6 -> 9.11.12-S1 of BIND 9 Supported Preview Edition. Versions 9.15.0 -> 9.15.5 of the BIND 9.15 development branch are also affected
CVE-2019-6477 [HIGH] CWE-400: With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined
Sources: cvelistv5, nvd