Bind@9.9.3 Security Vulnerabilities and Issues — Bind@9.9.3 CVE List

Lucene search

IscBind9.9.3

3 matches found

CVE•added 2020/05/19 2:15 p.m.•986 views

CVE-2020-8616

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. Th...

8.6CVSS8.7AI score0.0594EPSS

CVE•added 2020/05/19 2:15 p.m.•842 views

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

7.5CVSS7.2AI score0.92276EPSS

CVE•added 2020/08/21 9:15 p.m.•641 views

CVE-2020-8622

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated respons...

6.5CVSS7.2AI score0.00362EPSS