A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, which could result in denial of service (daemon crash), or potentially the execution of arbitrary code (CVE-2020-8625). The default configuration is not vulnerable to this issue, but it is if the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options are set.

OSVersionArchitecturePackageVersionFilename
Mageia7noarchbind< 9.11.6-1.3bind-9.11.6-1.3.mga7
Mageia8noarchbind< 9.11.27-1.1bind-9.11.27-1.1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	7	noarch	bind	< 9.11.6-1.3	bind-9.11.6-1.3.mga7
Mageia	8	noarch	bind	< 9.11.27-1.1	bind-9.11.27-1.1.mga8

References

bugs.mageia.org/show_bug.cgi?id=28394

kb.isc.org/docs/cve-2020-8625

www.debian.org/security/2021/dsa-4857

nessus 55

zdi 1

osv 5

debian 3

altlinux 2

cve 1

cloudlinux 1

openvas 29

redhat 12

amazon 2

suse 1

centos 1

ubuntucve 1

alpinelinux 1

archlinux 1

cvelist 1

ubuntu 2

fedora 3

oraclelinux 3

ibm 4

veracode 1

cbl_mariner 1

f5 1

almalinux 1

photon 8

prion 1

redhatcve 1

debiancve 1

checkpoint_advisories 1

ics 1

nessus

SUSE SLES11 Security Update : bind (SUSE-SU-2021:14632-1)

2021-06-10 00:00:00

EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-1939)

2021-06-03 00:00:00

Scientific Linux Security Update : bind on SL7.x i686/x86_64 (2021:0671)

2021-03-04 00:00:00

zdi

ISC BIND TKEY Query Heap-based Buffer Overflow Remote Code Execution Vulnerability

2021-02-24 00:00:00

osv

CVE-2020-8625

2021-02-17 23:15:13

bind9 - security update

2021-02-18 00:00:00

bind9 - security update

2021-02-19 00:00:00

debian

[SECURITY] [DLA 2568-1] bind9 security update

2021-02-19 08:50:42

[SECURITY] [DSA 4857-1] bind9 security update

2021-02-18 21:42:20

[SECURITY] [DSA 4857-1] bind9 security update

2021-02-18 21:42:37

altlinux

Security fix for the ALT Linux 9 package bind version 9.11.28-alt1

2021-03-04 00:00:00

Security fix for the ALT Linux 10 package bind version 9.11.28-alt1

2021-02-18 00:00:00

cve

CVE-2020-8625

2021-02-17 23:15:00

cloudlinux

Fix of CVE: CVE-2020-8625

2021-09-21 22:00:10

openvas

ISC BIND Buffer Overflow Vulnerability (CVE-2020-8625) - Windows

2021-02-18 00:00:00

Fedora: Security Advisory for bind (FEDORA-2021-8b4744f152)

2021-03-20 00:00:00

Mageia: Security Advisory (MGASA-2021-0110)

2022-01-28 00:00:00

redhat

(RHSA-2021:0693) Important: bind security update

2021-03-02 11:28:47

(RHSA-2021:0672) Important: bind security update

2021-03-01 13:55:00

(RHSA-2021:0671) Important: bind security update

2021-03-01 13:54:52

amazon

Important: bind

2021-03-18 17:22:00

Important: bind

2021-03-18 01:13:00

suse

Security update for bind (important)

2021-03-03 00:00:00

centos

bind security update

2021-03-02 16:40:18

ubuntucve

CVE-2020-8625

2021-02-17 00:00:00

alpinelinux

CVE-2020-8625

2021-02-17 23:15:00

archlinux

[ASA-202102-40] bind: arbitrary code execution

2021-02-27 00:00:00

cvelist

CVE-2020-8625 A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack

2021-02-17 00:00:00

ubuntu

Bind vulnerability

2021-02-18 00:00:00

Bind vulnerability

2021-03-01 00:00:00

fedora

[SECURITY] Fedora 34 Update: bind-9.16.11-5.fc34

2021-03-19 20:20:10

[SECURITY] Fedora 32 Update: bind-9.11.28-1.fc32

2021-03-03 23:26:54

[SECURITY] Fedora 33 Update: bind-9.11.28-1.fc33

2021-03-03 23:15:50

oraclelinux

bind security update

2021-03-02 00:00:00

bind security update

2021-03-18 00:00:00

bind security update

2021-03-02 00:00:00

ibm

Security Bulletin: Vulnerability in Bind affects IBM Integrated Analytics System

2021-09-07 13:55:52

Security Bulletin: Publicly disclosed vulnerabilities from Bind affect IBM Netezza Host Management

2021-09-23 04:02:23

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to using components with known vulnerabilities

2021-07-30 05:04:09

veracode

Remote Code Execution

2021-02-18 21:52:26

cbl_mariner

CVE-2020-8625 affecting package bind 9.16.3-3

2021-04-06 23:50:08

K13591074 : BIND vulnerability CVE-2020-8625

2021-03-05 00:00:00

almalinux

Important: bind security update

2021-03-01 13:54:46

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0370

2021-03-12 00:00:00

Important Photon OS Security Update - PHSA-2021-0370

2021-03-12 00:00:00

Important Photon OS Security Update - PHSA-2021-0207

2021-03-15 00:00:00

prion

Default configuration

2021-02-17 23:15:00

redhatcve

CVE-2020-8625

2021-02-18 15:33:37

debiancve

CVE-2020-8625

2021-02-17 23:15:00

checkpoint_advisories

ISC BIND Invalid TKEY Query Denial Of Service (CVE-2015-5477; CVE-2020-8625)

2015-08-01 00:00:00

ics

Siemens SINEC INS

2022-03-10 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.187 Low

EPSS

Percentile

96.2%

JSON

Related for MGASA-2021-0110