|Title:||ISC BIND Buffer Overflow Vulnerability (CVE-2020-8625) - Linux|
|Summary:||ISC BIND is prone to a buffer overflow vulnerability in the GSSAPI security policy negotiation.|
GSS-TSIG is an extension to the TSIG protocol which is intended to support
the secure exchange of keys for use in verifying the authenticity of communications between parties on a
SPNEGO is a negotiation mechanism used by GSSAPI, the application protocol interface for GSS-TSIG.
The SPNEGO implementation used by BIND has been found to be vulnerable to a buffer overflow attack.
The most likely outcome of a successful exploitation of the vulnerability
is a crash of the named process. However, remote code execution, while unproven, is theoretically possible.
Affected versions: BIND 9.5.0 - 9.11.27, 9.12.0 - 9.16.11, 9.11.3-S1 - 9.11.27-S1 and 9.16.8-S1 - 9.16.11-S1.
Update to version 9.11.28, 9.16.12, 9.11.28-S1, 9.16.12-S1 or later.
Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-8625
Debian Security Information: DSA-4857
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|