This content is viewable by Everyone
MEDIUM security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND)
The Internet Systems Consortium (ISC) has released MEDIUM security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND).
Advanced Users: For a complete description of the vulnerabilities visit:
- CVE-2020-8620: A specially crafted large TCP payload can trigger an assertion failure in tcpdns.c
- CVE-2020-8621: Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
- CVE-2020-8622: A truncated TSIG response can lead to an assertion failure
- CVE-2020-8623: A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
- CVE-2020-8624: update-policy rules of type "subdomain" are enforced incorrectly
For affected systems, please refer to the CVEs listed above.
WHAT'S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition.