7022 matches found
SUSE-SU-2020:1914-1 Security update for bind
This update for bind fixes the following issues: - Amended documentation referring to rule types 'krb5-subdomain' and 'ms-subdomain'. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. CVE-2018-5741 ...
The vulnerability of the nxdomain-redirect DNS server function in BIND allows an attacker to cause a service failure.
The vulnerability of the nxdomain-redirect DNS server’s BIND implementation lies in the use of the assert function or similar operators. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
RHEL 7 : bind (RHSA-2020:2893)
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2893 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable, Inc...
CVE-2020-8617
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
Palo Alto Releases Security Updates for PAN-OS
Palo Alto Networks has released security updates to address a vulnerability affecting the use of Security Assertion Markup Language in PAN-OS. An unauthenticated attacker with network access could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure...
ISC BIND 9.11.x < 9.11.20 / 9.11.14-S1 < 9.11.19-S9 / 9.14.x < 9.14.13 / 9.16.x < 9.16.4 DoS
The version of ISC BIND installed on the remote host is affected by a denial of service (DoS) vulnerability in rbtdb.c due to an assertion failure. An authenticated, remote attacker can exploit this issue to cause a DoS condition. Note that Nessus has not tested for this issue but has instead reli...
Mattermost Server Authorization Issues Vulnerability (CNVD-2020-41176)
Mattermost Server is an open source messaging platform from the United States company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 4.7.0, 4.6.2, and 4.5.2. The vulnerability can be exploited by an attacker to log in as any other user with the help of a...
Mattermost Server Input Validation Error Vulnerability (CNVD-2020-48226)
Mattermost Server is an open source messaging platform from the United States company Mattermost. An input validation error vulnerability exists in Mattermost Server versions prior to 4.7.0, prior to 4.6.2, and prior to 4.5.2, which stems from the program's failure to enforce the expiration date...
FreeBSD : BIND -- Remote Denial of Service vulnerability (f00d1873-b138-11ea-8659-901b0ef719ab)
ISC reports: The asterisk character '*' is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node. A...
CVE-2020-8618
An assertion check flaw caused by a buffer boundary check condition was found in BIND. A remote attacker could trigger this flaw via a large response, during zone transfer. The highest threat from this vulnerability is to system availability...
ALPINE-CVE-2020-8618
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...
CVE-2020-8618
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...
DEBIAN-CVE-2020-8618
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...
Code injection
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...
CVE-2020-8618
CVE-2020-8618 affects BIND. An assertion in rdataset.c can be incorrectly triggered by large zone transfers, allowing a remote attacker to deny service to clients. Public advisories confirm mitigation via upgrading to BIND 9.16.4+ (e.g., Arch Linux ASA-202006-13 lists 9.16.4-1 as the fix; upstrea...
UBUNTU-CVE-2020-8618
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...