Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Buffer overflow
Title:ISC BIND Buffer Overflow Vulnerability (CVE-2020-8625) - Linux
Summary:ISC BIND is prone to a buffer overflow vulnerability in the GSSAPI security; policy negotiation.
ISC BIND is prone to a buffer overflow vulnerability in the GSSAPI security
policy negotiation.

Vulnerability Insight:
GSS-TSIG is an extension to the TSIG protocol which is intended to support
the secure exchange of keys for use in verifying the authenticity of communications between parties on a

SPNEGO is a negotiation mechanism used by GSSAPI, the application protocol interface for GSS-TSIG.

The SPNEGO implementation used by BIND has been found to be vulnerable to a buffer overflow attack.

Vulnerability Impact:
The most likely outcome of a successful exploitation of the vulnerability
is a crash of the named process. However, remote code execution, while unproven, is theoretically possible.

Affected Software/OS:
BIND 9.5.0 - 9.11.27, 9.12.0 - 9.16.11, 9.11.3-S1 - 9.11.27-S1 and
9.16.8-S1 - 9.16.11-S1.

Update to version 9.11.28, 9.16.12, 9.11.28-S1, 9.16.12-S1 or later.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-8625
Debian Security Information: DSA-4857 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.