CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
iscCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
iscbind
9.5.0 ≤
𝑥
≤ 9.11.27
iscbind
9.12.0 ≤
𝑥
≤ 9.16.11
iscbind
9.11.3:s1
iscbind
9.11.5:s3
iscbind
9.11.5:s5
iscbind
9.11.6:s1
iscbind
9.11.7:s1
iscbind
9.11.8:s1
iscbind
9.11.21:s1
iscbind
9.11.27:s1
iscbind
9.16.8:s1
iscbind
9.16.11:s1
iscbind
9.17.0
iscbind
9.17.1
debiandebian_linux
9.0
debiandebian_linux
10.0
siemenssinec_infrastructure_network_services
𝑥
< 1.0.1.1
netappcloud_backup
-
netappa250_firmware
-
netapp500f_firmware
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bind9
bullseye
1:9.16.50-1~deb11u2
fixed
bullseye (security)
1:9.16.50-1~deb11u1
fixed
bookworm
1:9.18.28-1~deb12u2
fixed
bookworm (security)
1:9.18.28-1~deb12u2
fixed
sid
1:9.20.2-1
fixed
trixie
1:9.20.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
groovy
Fixed 1:9.16.6-3ubuntu1.1
released
focal
Fixed 1:9.16.1-0ubuntu2.6
released
bionic
Fixed 1:9.11.3+dfsg-1ubuntu1.14
released
xenial
Fixed 1:9.10.3.dfsg.P4-8ubuntu1.18
released
trusty
Fixed 1:9.9.5.dfsg-3ubuntu0.19+esm4
released
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2021/02/19/1
http://www.openwall.com/lists/oss-security/2021/02/20/2
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://kb.isc.org/v1/docs/cve-2020-8625
https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYXAF7G45RXDVNUTWWCI2CVTHRZ67LST/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWCMBOSZOJIIET7BWTRYS3HLX5TSDKHX/
https://security.netapp.com/advisory/ntap-20210319-0001/
https://www.debian.org/security/2021/dsa-4857
https://www.zerodayinitiative.com/advisories/ZDI-21-195/
http://www.openwall.com/lists/oss-security/2021/02/19/1
http://www.openwall.com/lists/oss-security/2021/02/20/2
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://kb.isc.org/v1/docs/cve-2020-8625
https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYXAF7G45RXDVNUTWWCI2CVTHRZ67LST/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QWCMBOSZOJIIET7BWTRYS3HLX5TSDKHX/
https://security.netapp.com/advisory/ntap-20210319-0001/
https://www.debian.org/security/2021/dsa-4857
https://www.zerodayinitiative.com/advisories/ZDI-21-195/