A flaw was found in the way bind processes broken responses from authoritative servers. This caching mechanism could be abused by an attacker to significantly degrade resolver performance.

Mitigation

The vulnerability has been mitigated by changing the default value of lame-ttl to 0

References

bugzilla.redhat.com/show_bug.cgi?id=2017636

kb.isc.org/v1/docs/cve-2021-25219

nvd.nist.gov/vuln/detail/CVE-2021-25219

www.cve.org/CVERecord?id=CVE-2021-25219

photon 6

nessus 50

suse 4

debian 3

oraclelinux 1

cloudlinux 2

ibm 5

cve 1

rocky 1

osv 7

altlinux 2

cisa 1

veracode 1

fedora 5

ubuntucve 1

slackware 1

f5 1

prion 1

mageia 1

redhat 12

almalinux 1

debiancve 1

cbl_mariner 1

redos 1

aix 1

cnvd 1

ubuntu 2

archlinux 1

alpinelinux 1

rosalinux 1

gentoo 1

ics 1

oracle 1

photon

Moderate Photon OS Security Update - PHSA-2021-0129

2021-11-14 00:00:00

Moderate Photon OS Security Update - PHSA-2021-4.0-0129

2021-11-14 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0412

2021-11-10 00:00:00

nessus

EulerOS Virtualization 2.10.1 : bind (EulerOS-SA-2022-1368)

2022-04-18 00:00:00

EulerOS Virtualization 3.0.2.0 : bind (EulerOS-SA-2022-1685)

2022-05-07 00:00:00

EulerOS 2.0 SP3 : bind (EulerOS-SA-2022-1705)

2022-05-26 00:00:00

suse

Security update for bind (important)

2021-11-24 00:00:00

Security update for bind (important)

2021-11-23 00:00:00

Security update for bind (moderate)

2022-05-27 00:00:00

debian

[SECURITY] [DSA 4994-1] bind9 security update

2021-10-28 20:30:06

[SECURITY] [DSA 4994-1] bind9 security update

2021-10-28 20:30:06

[SECURITY] [DLA 2807-1] bind9 security update

2021-11-02 01:06:28

oraclelinux

bind security, bug fix, and enhancement update

2022-05-17 00:00:00

cloudlinux

Fix of CVE: CVE-2021-25219

2021-11-03 16:59:44

Fix of CVE: CVE-2021-25219

2021-11-16 13:53:11

ibm

Security Bulletin: BIND for IBM i is affected by CVE-2021-25219

2021-12-22 15:47:47

Security Bulletin: Vulnerability in Bind (CVE-2021-25219) affects Power HMC

2022-12-04 00:09:39

Security Bulletin: A vulnerability in ISC BIND affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2021-25219)

2023-01-12 21:59:00

cve

CVE-2021-25219

2021-10-27 21:15:00

rocky

bind security, bug fix, and enhancement update

2022-05-10 06:53:47

osv

bind9 vulnerability

2021-10-28 18:25:41

bind9 - security update

2021-10-28 00:00:00

Moderate: bind security, bug fix, and enhancement update

2022-05-10 06:53:47

altlinux

Security fix for the ALT Linux 10 package bind version 9.11.36-alt1

2021-11-08 00:00:00

Security fix for the ALT Linux 9 package bind version 9.11.36-alt1

2021-11-26 00:00:00

cisa

ISC Releases Security Advisory for BIND

2021-10-28 00:00:00

veracode

Denial Of Service (DoS)

2021-11-04 03:26:12

fedora

[SECURITY] Fedora 34 Update: bind-dyndb-ldap-11.9-6.fc34

2021-11-10 08:17:09

[SECURITY] Fedora 33 Update: bind-9.11.36-1.fc33

2021-11-11 01:22:46

[SECURITY] Fedora 35 Update: bind-dyndb-ldap-11.9-8.fc35

2021-11-04 01:48:10

ubuntucve

CVE-2021-25219

2021-10-27 00:00:00

slackware

[slackware-security] bind

2021-10-28 01:13:50

K77326807 : BIND vulnerability CVE-2021-25219

2021-11-08 00:00:00

prion

Design/Logic Flaw

2021-10-27 21:15:00

mageia

Updated bind packages fix security vulnerability

2021-12-19 15:26:08

redhat

(RHSA-2022:2092) Moderate: bind security, bug fix, and enhancement update

2022-05-10 06:53:47

(RHSA-2022:5188) Important: RHACS 3.69 security update

2022-06-24 19:39:26

(RHSA-2022:4690) Important: Red Hat OpenShift GitOps security update

2022-05-18 21:18:06

almalinux

Moderate: bind security, bug fix, and enhancement update

2022-05-10 06:53:47

debiancve

CVE-2021-25219

2021-10-27 21:15:00

cbl_mariner

CVE-2021-25219 affecting package bind 9.16.15-4

2022-06-26 03:29:38

redos

ROS-20220209-01

2022-02-09 00:00:00

aix

There is a vulnerability in BIND that affects AIX for VIOS.,There is a vulnerability in BIND that affects AIX.

2022-03-01 08:41:32

cnvd

ISC BIND Denial of Service Vulnerability (CNVD-2023-25100)

2021-10-31 00:00:00

ubuntu

Bind vulnerability

2021-10-28 00:00:00

Bind vulnerability

2021-10-28 00:00:00

archlinux

[ASA-202110-12] bind: denial of service

2021-10-29 00:00:00

alpinelinux

CVE-2021-25219

2021-10-27 21:15:00

rosalinux

Advisory ROSA-SA-2023-2245

2023-10-17 12:03:14

gentoo

ISC BIND: Multiple Vulnerabilities

2022-10-31 00:00:00

ics

Siemens SINEC INS

2022-03-10 12:00:00

oracle

Oracle Critical Patch Update Advisory - April 2022

2022-04-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

71.2%

JSON

Related for RH:CVE-2021-25219