Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:
- In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server
and send data on that connection can exploit this to trigger the assertion failure, causing the server to
exit. (CVE-2020-8620)
- In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and
'forward first' then an attacker who can send queries to it may be able to trigger the condition that will
cause the server to crash. Servers that 'forward only' are not affected. (CVE-2020-8621)
- In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the
BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating
the server receiving the TSIG-signed request, could send a truncated response to that request, triggering
an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to
correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and
message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
(CVE-2020-8622)
- In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the
BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted
query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with
"--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from
a possible attacker (CVE-2020-8623)
- In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also
affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An
attacker who has been granted privileges to change a specific subset of the zone's content could abuse
these unintended additional privileges to update other contents of the zone. (CVE-2020-8624)
Plugin Details
Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 8/20/2020