AIX 7.2 TL 3 : bind (IJ25926)

https://vulners.com/cve/CVE-2020-8616 https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RHEL 6 : bind (RHSA-2020:3378)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3378 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C...

RHEL 7 : bind (RHSA-2020:2893)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2893 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable, Inc...

Updated bind packages fix security vulnerability

Updated bind packages fix security vulnerabilities: It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service CVE-2019-6477. Lior Shafir, Yehuda Afek, and Anat...

CentOS 6 : bind (RHSA-2020:2383)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2383 advisory. - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can,...

Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20200603)

Security Fixes : - bind: BIND does not sufficiently limit the number of fetches performed when processing referrals CVE-2020-8616 - bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c CVE-2020-8617 C Tenable Network Security, Inc. The...

Oracle Linux 6 : bind (ELSA-2020-2383)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2383 advisory. - Correct tests covering CVE-2020-8617 - Limit number of queries triggered by a request CVE-2020-8616 Tenable has extracted the preceding description...

Oracle Linux 7 : bind (ELSA-2020-2344)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2344 advisory. - Limit number of queries triggered by a request CVE-2020-8616 - Fix invalid tsig request CVE-2020-8617 Tenable has extracted the preceding description...

USN-4365-2: Bind vulnerabilities

USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly...

Debian DSA-4689-1 : bind9 - security update

Several vulnerabilities were discovered in BIND, a DNS server implementation. - CVE-2019-6477 It was discovered that TCP-pipelined queries can bypass tcp-client limits resulting in denial of service. - CVE-2020-8616 It was discovered that BIND does not sufficiently limit the number of fetches...

USN-4365-1: Bind vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. CVE-2020-8616 Tobias...