CVE-2020-8619

MEDIUM

Description

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.

References

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html

https://kb.isc.org/docs/cve-2020-8619

https://lists.fedoraproject.org/archives/list/[email protected]/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/

https://lists.fedoraproject.org/archives/list/[email protected]/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/

https://security.netapp.com/advisory/ntap-20200625-0003/

https://usn.ubuntu.com/4399-1/

https://www.debian.org/security/2020/dsa-4752

Details

Source: MITRE

Published: 2020-06-17

Updated: 2020-10-20

Type: CWE-404

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3.0

Base Score: 4.9

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.11.14 to 9.11.19 (inclusive)

cpe:2.3:a:isc:bind:*:*:*:*:preview:*:*:* versions from 9.11.14-s1 to 9.11.19-s1 (inclusive)

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.14.9 to 9.14.12 (inclusive)

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.16.0 to 9.16.3 (inclusive)

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Tenable Plugins

ID | Name | Product | Family | Severity
148611 | EulerOS : bind (EulerOS-SA-2021-1725) | Nessus | Huawei Local Security Checks | medium
148575 | EulerOS : bind (EulerOS-SA-2021-1739) | Nessus | Huawei Local Security Checks | medium
147396 | NewStart CGSL MAIN 6.02 : bind Multiple Vulnerabilities (NS-SA-2021-0064) | Nessus | NewStart CGSL Local Security Checks | medium
147084 | EulerOS Virtualization for ARM 64 3.0.6.0 : bind (EulerOS-SA-2021-1532) | Nessus | Huawei Local Security Checks | medium
146246 | EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-1242) | Nessus | Huawei Local Security Checks | medium
146237 | EulerOS : bind (EulerOS-SA-2021-1261) | Nessus | Huawei Local Security Checks | medium
145782 | EulerOS 2.0 SP8 : bind (EulerOS-SA-2021-1134) | Nessus | Huawei Local Security Checks | medium
143842 | SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2020:2914-1) | Nessus | SuSE Local Security Checks | medium
142804 | Oracle Linux 8 : bind (ELSA-2020-4500) | Nessus | Oracle Linux Local Security Checks | medium
142448 | RHEL 8 : bind (RHSA-2020:4500) | Nessus | Red Hat Local Security Checks | medium
141839 | openSUSE Security Update : bind (openSUSE-2020-1701) | Nessus | SuSE Local Security Checks | medium
141560 | openSUSE Security Update : bind (openSUSE-2020-1699) | Nessus | SuSE Local Security Checks | medium
139930 | Debian DSA-4752-1 : bind9 - security update | Nessus | Debian Local Security Checks | medium
139704 | F5 Networks BIG-IP : BIND vulnerability (K19807532) | Nessus | F5 Networks Local Security Checks | medium
139047 | Photon OS 1.0: Bindutils PHSA-2020-1.0-0309 | Nessus | PhotonOS Local Security Checks | medium
138817 | Photon OS 3.0: Bindutils PHSA-2020-3.0-0115 | Nessus | PhotonOS Local Security Checks | medium
138815 | Photon OS 2.0: Bindutils PHSA-2020-2.0-0263 | Nessus | PhotonOS Local Security Checks | medium
137865 | Fedora 31 : 32:bind (2020-5f8da4b260) | Nessus | Fedora Local Security Checks | medium
137837 | ISC BIND 9.11.x < 9.11.20 / 9.11.14-S1 < 9.11.19-S9 / 9.14.x < 9.14.13 / 9.16.x < 9.16.4 DoS | Nessus | DNS | medium
137765 | Fedora 32 : 32:bind (2020-54a91444ff) | Nessus | Fedora Local Security Checks | medium
137699 | Slackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2020-170-01) | Nessus | Slackware Local Security Checks | medium
137692 | FreeBSD : BIND -- Remote Denial of Service vulnerability (f00d1873-b138-11ea-8659-901b0ef719ab) | Nessus | FreeBSD Local Security Checks | medium
137625 | Ubuntu 20.04 : Bind vulnerabilities (USN-4399-1) | Nessus | Ubuntu Local Security Checks | medium