Search criteria
10 vulnerabilities found for dns_server by synology
CVE-2022-27615 (GCVE-0-2022-27615)
Vulnerability from nvd – Published: 2022-07-28 04:00 – Updated: 2024-09-16 23:16
VLAI?
Summary
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors.
Severity ?
7.7 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Synology | DNS Server |
Affected:
unspecified , < 2.2.2-5027
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DNS Server",
"vendor": "Synology",
"versions": [
{
"lessThan": "2.2.2-5027",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-28T04:00:16",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_27"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2022-07-27T18:58:33.784612",
"ID": "CVE-2022-27615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DNS Server",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.2.2-5027"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_27",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_27"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2022-27615",
"datePublished": "2022-07-28T04:00:16.877008Z",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-09-16T23:16:05.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8623 (GCVE-0-2020-8623)
Vulnerability from nvd – Published: 2020-08-21 20:50 – Updated: 2024-09-17 03:19
VLAI?
Title
A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
Summary
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
Severity ?
7.5 (High)
CWE
- If BIND is built with "--enable-native-pkcs11" then a specially crafted query for a zone signed with RSA can trigger an assertion failure. Affects BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ISC | BIND9 |
Affected:
9.10.0 , < unspecified
(custom)
Affected: unspecified , < 9.11.22 (custom) Affected: 9.12.0 , < unspecified (custom) Affected: unspecified , < 9.16.6 (custom) Affected: 9.17.0 , < unspecified (custom) Affected: unspecified , < 9.17.4 (custom) Affected: 9.10.5-S1 , < Supported Preview* (custom) |
Credits
ISC would like to thank Lyu Chiy for bringing this vulnerability to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/cve-2020-8623"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND9",
"vendor": "ISC",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.10.0",
"versionType": "custom"
},
{
"lessThan": "9.11.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.12.0",
"versionType": "custom"
},
{
"lessThan": "9.16.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.17.0",
"versionType": "custom"
},
{
"lessThan": "9.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.11.22-S1",
"status": "unaffected"
}
],
"lessThan": "Supported Preview*",
"status": "affected",
"version": "9.10.5-S1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Lyu Chiy for bringing this vulnerability to our attention."
}
],
"datePublic": "2020-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker"
}
],
"exploits": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "If BIND is built with \"--enable-native-pkcs11\" then a specially crafted query for a zone signed with RSA can trigger an assertion failure. Affects BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:36",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/cve-2020-8623"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c",
"workarounds": [
{
"lang": "en",
"value": "No workarounds known."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2020-08-20T18:35:08.000Z",
"ID": "CVE-2020-8623",
"STATE": "PUBLIC",
"TITLE": "A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND9",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.10.0"
},
{
"version_affected": "\u003c",
"version_value": "9.11.22"
},
{
"version_affected": "\u003e=",
"version_value": "9.12.0"
},
{
"version_affected": "\u003c",
"version_value": "9.16.6"
},
{
"version_affected": "\u003e=",
"version_value": "9.17.0"
},
{
"version_affected": "\u003c",
"version_value": "9.17.4"
},
{
"version_affected": "\u003e=",
"version_name": "Supported Preview",
"version_value": "9.10.5-S1"
},
{
"version_affected": "\u003c",
"version_name": "Supported Preview",
"version_value": "9.11.22-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Lyu Chiy for bringing this vulnerability to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker"
}
]
},
"exploit": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "If BIND is built with \"--enable-native-pkcs11\" then a specially crafted query for a zone signed with RSA can trigger an assertion failure. Affects BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/cve-2020-8623",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8623"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "DSA-4752",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "No workarounds known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2020-8623",
"datePublished": "2020-08-21T20:50:19.797742Z",
"dateReserved": "2020-02-05T00:00:00",
"dateUpdated": "2024-09-17T03:19:11.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8622 (GCVE-0-2020-8622)
Vulnerability from nvd – Published: 2020-08-21 20:50 – Updated: 2024-09-16 17:14
VLAI?
Title
A truncated TSIG response can lead to an assertion failure
Summary
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
Severity ?
6.5 (Medium)
CWE
- Attempting to verify a truncated response to a TSIG-signed request leads to an assertion failure. Affects BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ISC | BIND9 |
Affected:
9.0.0 , < unspecified
(custom)
Affected: unspecified , < 9.11.22 (custom) Affected: 9.12.0 , < unspecified (custom) Affected: unspecified , < 9.16.6 (custom) Affected: 9.17.0 , < unspecified (custom) Affected: unspecified , < 9.17.4 (custom) Affected: 9.9.3-S1 , < Supported Preview* (custom) |
Credits
ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham of Oracle for bringing this vulnerability to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "USN-4468-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND9",
"vendor": "ISC",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"lessThan": "9.11.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.12.0",
"versionType": "custom"
},
{
"lessThan": "9.16.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.17.0",
"versionType": "custom"
},
{
"lessThan": "9.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.11.22-S1",
"status": "unaffected"
}
],
"lessThan": "Supported Preview*",
"status": "affected",
"version": "9.9.3-S1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham of Oracle for bringing this vulnerability to our attention."
}
],
"datePublic": "2020-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit."
}
],
"exploits": [
{
"lang": "en",
"value": "We are not aware of any active exploits"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Attempting to verify a truncated response to a TSIG-signed request leads to an assertion failure. Affects BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-20T10:40:22",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "USN-4468-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "USER"
},
"title": "A truncated TSIG response can lead to an assertion failure",
"workarounds": [
{
"lang": "en",
"value": "No workarounds known."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2020-08-20T18:35:08.000Z",
"ID": "CVE-2020-8622",
"STATE": "PUBLIC",
"TITLE": "A truncated TSIG response can lead to an assertion failure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND9",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.0.0"
},
{
"version_affected": "\u003c",
"version_value": "9.11.22"
},
{
"version_affected": "\u003e=",
"version_value": "9.12.0"
},
{
"version_affected": "\u003c",
"version_value": "9.16.6"
},
{
"version_affected": "\u003e=",
"version_value": "9.17.0"
},
{
"version_affected": "\u003c",
"version_value": "9.17.4"
},
{
"version_affected": "\u003e=",
"version_name": "Supported Preview",
"version_value": "9.9.3-S1"
},
{
"version_affected": "\u003c",
"version_name": "Supported Preview",
"version_value": "9.11.22-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham of Oracle for bringing this vulnerability to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit."
}
]
},
"exploit": [
{
"lang": "en",
"value": "We are not aware of any active exploits"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Attempting to verify a truncated response to a TSIG-signed request leads to an assertion failure. Affects BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/cve-2020-8622",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "USN-4468-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "USN-4468-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"name": "DSA-4752",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "No workarounds known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2020-8622",
"datePublished": "2020-08-21T20:50:19.383306Z",
"dateReserved": "2020-02-05T00:00:00",
"dateUpdated": "2024-09-16T17:14:14.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8621 (GCVE-0-2020-8621)
Vulnerability from nvd – Published: 2020-08-21 20:50 – Updated: 2024-09-16 16:18
VLAI?
Title
Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
Summary
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
Severity ?
7.5 (High)
CWE
- While query forwarding and QNAME minimization are mutually incompatible, BIND did sometimes allow QNAME minimization when continuing with recursion after 'forward first' did not result in an answer. In these cases the data used by QNAME minimization might be inconsistent, leading to an assertion failure, causing the server to exit. Affects BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Credits
ISC would like to thank Joseph Gullo for bringing this vulnerability to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/cve-2020-8621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND9",
"vendor": "ISC",
"versions": [
{
"changes": [
{
"at": "9.16.6",
"status": "unaffected"
},
{
"at": "9.17.0",
"status": "affected"
},
{
"at": "9.17.4",
"status": "unaffected"
}
],
"lessThan": "*",
"status": "affected",
"version": "9.14.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Joseph Gullo for bringing this vulnerability to our attention."
}
],
"datePublic": "2020-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "While query forwarding and QNAME minimization are mutually incompatible, BIND did sometimes allow QNAME minimization when continuing with recursion after \u0027forward first\u0027 did not result in an answer. In these cases the data used by QNAME minimization might be inconsistent, leading to an assertion failure, causing the server to exit. Affects BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:43",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/cve-2020-8621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.16.6\n BIND 9.17.4"
}
],
"source": {
"discovery": "USER"
},
"title": "Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c",
"workarounds": [
{
"lang": "en",
"value": "No workarounds known."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2020-08-20T18:35:08.000Z",
"ID": "CVE-2020-8621",
"STATE": "PUBLIC",
"TITLE": "Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND9",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "",
"version_value": "9.14.0"
},
{
"version_affected": "\u003c",
"version_name": "",
"version_value": "9.16.6"
},
{
"version_affected": "\u003e=",
"version_name": "",
"version_value": "9.17.0"
},
{
"version_affected": "\u003c",
"version_name": "",
"version_value": "9.17.4"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Joseph Gullo for bringing this vulnerability to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "While query forwarding and QNAME minimization are mutually incompatible, BIND did sometimes allow QNAME minimization when continuing with recursion after \u0027forward first\u0027 did not result in an answer. In these cases the data used by QNAME minimization might be inconsistent, leading to an assertion failure, causing the server to exit. Affects BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/cve-2020-8621",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8621"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "GLSA-202008-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.16.6\n BIND 9.17.4"
}
],
"source": {
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "No workarounds known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2020-8621",
"datePublished": "2020-08-21T20:50:18.959156Z",
"dateReserved": "2020-02-05T00:00:00",
"dateUpdated": "2024-09-16T16:18:00.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12074 (GCVE-0-2017-12074)
Vulnerability from nvd – Published: 2017-08-24 18:00 – Updated: 2024-09-16 17:14
VLAI?
Summary
Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.
Severity ?
No CVSS data available.
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory (CWE-22)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Synology | Synology DNS Server |
Affected:
before 2.2.1-3042
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:15.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology DNS Server",
"vendor": "Synology",
"versions": [
{
"status": "affected",
"version": "before 2.2.1-3042"
}
]
}
],
"datePublic": "2017-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (CWE-22)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-24T17:57:01",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2017-08-23T00:00:00",
"ID": "CVE-2017-12074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology DNS Server",
"version": {
"version_data": [
{
"version_value": "before 2.2.1-3042"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory (CWE-22)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2017-12074",
"datePublished": "2017-08-24T18:00:00Z",
"dateReserved": "2017-07-31T00:00:00",
"dateUpdated": "2024-09-16T17:14:47.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27615 (GCVE-0-2022-27615)
Vulnerability from cvelistv5 – Published: 2022-07-28 04:00 – Updated: 2024-09-16 23:16
VLAI?
Summary
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors.
Severity ?
7.7 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Synology | DNS Server |
Affected:
unspecified , < 2.2.2-5027
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DNS Server",
"vendor": "Synology",
"versions": [
{
"lessThan": "2.2.2-5027",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-28T04:00:16",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_27"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2022-07-27T18:58:33.784612",
"ID": "CVE-2022-27615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DNS Server",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "2.2.2-5027"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_27",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_27"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2022-27615",
"datePublished": "2022-07-28T04:00:16.877008Z",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-09-16T23:16:05.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8623 (GCVE-0-2020-8623)
Vulnerability from cvelistv5 – Published: 2020-08-21 20:50 – Updated: 2024-09-17 03:19
VLAI?
Title
A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
Summary
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
Severity ?
7.5 (High)
CWE
- If BIND is built with "--enable-native-pkcs11" then a specially crafted query for a zone signed with RSA can trigger an assertion failure. Affects BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ISC | BIND9 |
Affected:
9.10.0 , < unspecified
(custom)
Affected: unspecified , < 9.11.22 (custom) Affected: 9.12.0 , < unspecified (custom) Affected: unspecified , < 9.16.6 (custom) Affected: 9.17.0 , < unspecified (custom) Affected: unspecified , < 9.17.4 (custom) Affected: 9.10.5-S1 , < Supported Preview* (custom) |
Credits
ISC would like to thank Lyu Chiy for bringing this vulnerability to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/cve-2020-8623"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND9",
"vendor": "ISC",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.10.0",
"versionType": "custom"
},
{
"lessThan": "9.11.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.12.0",
"versionType": "custom"
},
{
"lessThan": "9.16.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.17.0",
"versionType": "custom"
},
{
"lessThan": "9.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.11.22-S1",
"status": "unaffected"
}
],
"lessThan": "Supported Preview*",
"status": "affected",
"version": "9.10.5-S1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Lyu Chiy for bringing this vulnerability to our attention."
}
],
"datePublic": "2020-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker"
}
],
"exploits": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "If BIND is built with \"--enable-native-pkcs11\" then a specially crafted query for a zone signed with RSA can trigger an assertion failure. Affects BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:36",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/cve-2020-8623"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c",
"workarounds": [
{
"lang": "en",
"value": "No workarounds known."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2020-08-20T18:35:08.000Z",
"ID": "CVE-2020-8623",
"STATE": "PUBLIC",
"TITLE": "A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND9",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.10.0"
},
{
"version_affected": "\u003c",
"version_value": "9.11.22"
},
{
"version_affected": "\u003e=",
"version_value": "9.12.0"
},
{
"version_affected": "\u003c",
"version_value": "9.16.6"
},
{
"version_affected": "\u003e=",
"version_value": "9.17.0"
},
{
"version_affected": "\u003c",
"version_value": "9.17.4"
},
{
"version_affected": "\u003e=",
"version_name": "Supported Preview",
"version_value": "9.10.5-S1"
},
{
"version_affected": "\u003c",
"version_name": "Supported Preview",
"version_value": "9.11.22-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Lyu Chiy for bringing this vulnerability to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker"
}
]
},
"exploit": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "If BIND is built with \"--enable-native-pkcs11\" then a specially crafted query for a zone signed with RSA can trigger an assertion failure. Affects BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/cve-2020-8623",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8623"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "DSA-4752",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "No workarounds known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2020-8623",
"datePublished": "2020-08-21T20:50:19.797742Z",
"dateReserved": "2020-02-05T00:00:00",
"dateUpdated": "2024-09-17T03:19:11.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8622 (GCVE-0-2020-8622)
Vulnerability from cvelistv5 – Published: 2020-08-21 20:50 – Updated: 2024-09-16 17:14
VLAI?
Title
A truncated TSIG response can lead to an assertion failure
Summary
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
Severity ?
6.5 (Medium)
CWE
- Attempting to verify a truncated response to a TSIG-signed request leads to an assertion failure. Affects BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ISC | BIND9 |
Affected:
9.0.0 , < unspecified
(custom)
Affected: unspecified , < 9.11.22 (custom) Affected: 9.12.0 , < unspecified (custom) Affected: unspecified , < 9.16.6 (custom) Affected: 9.17.0 , < unspecified (custom) Affected: unspecified , < 9.17.4 (custom) Affected: 9.9.3-S1 , < Supported Preview* (custom) |
Credits
ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham of Oracle for bringing this vulnerability to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "USN-4468-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND9",
"vendor": "ISC",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"lessThan": "9.11.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.12.0",
"versionType": "custom"
},
{
"lessThan": "9.16.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.17.0",
"versionType": "custom"
},
{
"lessThan": "9.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.11.22-S1",
"status": "unaffected"
}
],
"lessThan": "Supported Preview*",
"status": "affected",
"version": "9.9.3-S1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham of Oracle for bringing this vulnerability to our attention."
}
],
"datePublic": "2020-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit."
}
],
"exploits": [
{
"lang": "en",
"value": "We are not aware of any active exploits"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Attempting to verify a truncated response to a TSIG-signed request leads to an assertion failure. Affects BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-20T10:40:22",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "USN-4468-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"name": "DSA-4752",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "USER"
},
"title": "A truncated TSIG response can lead to an assertion failure",
"workarounds": [
{
"lang": "en",
"value": "No workarounds known."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2020-08-20T18:35:08.000Z",
"ID": "CVE-2020-8622",
"STATE": "PUBLIC",
"TITLE": "A truncated TSIG response can lead to an assertion failure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND9",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.0.0"
},
{
"version_affected": "\u003c",
"version_value": "9.11.22"
},
{
"version_affected": "\u003e=",
"version_value": "9.12.0"
},
{
"version_affected": "\u003c",
"version_value": "9.16.6"
},
{
"version_affected": "\u003e=",
"version_value": "9.17.0"
},
{
"version_affected": "\u003c",
"version_value": "9.17.4"
},
{
"version_affected": "\u003e=",
"version_name": "Supported Preview",
"version_value": "9.9.3-S1"
},
{
"version_affected": "\u003c",
"version_name": "Supported Preview",
"version_value": "9.11.22-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Dave Feldman, Jeff Warren, and Joel Cunningham of Oracle for bringing this vulnerability to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit."
}
]
},
"exploit": [
{
"lang": "en",
"value": "We are not aware of any active exploits"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Attempting to verify a truncated response to a TSIG-signed request leads to an assertion failure. Affects BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/cve-2020-8622",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"name": "FEDORA-2020-a02b7a0f21",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"
},
{
"name": "USN-4468-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "USN-4468-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"name": "DSA-4752",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"name": "FEDORA-2020-14c194e5af",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"
},
{
"name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2355-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"name": "GLSA-202008-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.11.22\n BIND 9.16.6\n BIND 9.17.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.11.22-S1"
}
],
"source": {
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "No workarounds known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2020-8622",
"datePublished": "2020-08-21T20:50:19.383306Z",
"dateReserved": "2020-02-05T00:00:00",
"dateUpdated": "2024-09-16T17:14:14.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8621 (GCVE-0-2020-8621)
Vulnerability from cvelistv5 – Published: 2020-08-21 20:50 – Updated: 2024-09-16 16:18
VLAI?
Title
Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
Summary
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
Severity ?
7.5 (High)
CWE
- While query forwarding and QNAME minimization are mutually incompatible, BIND did sometimes allow QNAME minimization when continuing with recursion after 'forward first' did not result in an answer. In these cases the data used by QNAME minimization might be inconsistent, leading to an assertion failure, causing the server to exit. Affects BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Credits
ISC would like to thank Joseph Gullo for bringing this vulnerability to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/cve-2020-8621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND9",
"vendor": "ISC",
"versions": [
{
"changes": [
{
"at": "9.16.6",
"status": "unaffected"
},
{
"at": "9.17.0",
"status": "affected"
},
{
"at": "9.17.4",
"status": "unaffected"
}
],
"lessThan": "*",
"status": "affected",
"version": "9.14.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Joseph Gullo for bringing this vulnerability to our attention."
}
],
"datePublic": "2020-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "While query forwarding and QNAME minimization are mutually incompatible, BIND did sometimes allow QNAME minimization when continuing with recursion after \u0027forward first\u0027 did not result in an answer. In these cases the data used by QNAME minimization might be inconsistent, leading to an assertion failure, causing the server to exit. Affects BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:43",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/cve-2020-8621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "GLSA-202008-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.16.6\n BIND 9.17.4"
}
],
"source": {
"discovery": "USER"
},
"title": "Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c",
"workarounds": [
{
"lang": "en",
"value": "No workarounds known."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2020-08-20T18:35:08.000Z",
"ID": "CVE-2020-8621",
"STATE": "PUBLIC",
"TITLE": "Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND9",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "",
"version_value": "9.14.0"
},
{
"version_affected": "\u003c",
"version_name": "",
"version_value": "9.16.6"
},
{
"version_affected": "\u003e=",
"version_name": "",
"version_value": "9.17.0"
},
{
"version_affected": "\u003c",
"version_name": "",
"version_value": "9.17.4"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Joseph Gullo for bringing this vulnerability to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "We are not aware of any active exploits."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "While query forwarding and QNAME minimization are mutually incompatible, BIND did sometimes allow QNAME minimization when continuing with recursion after \u0027forward first\u0027 did not result in an answer. In these cases the data used by QNAME minimization might be inconsistent, leading to an assertion failure, causing the server to exit. Affects BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/cve-2020-8621",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2020-8621"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"name": "USN-4468-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"name": "GLSA-202008-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_19"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n BIND 9.16.6\n BIND 9.17.4"
}
],
"source": {
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "No workarounds known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2020-8621",
"datePublished": "2020-08-21T20:50:18.959156Z",
"dateReserved": "2020-02-05T00:00:00",
"dateUpdated": "2024-09-16T16:18:00.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12074 (GCVE-0-2017-12074)
Vulnerability from cvelistv5 – Published: 2017-08-24 18:00 – Updated: 2024-09-16 17:14
VLAI?
Summary
Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.
Severity ?
No CVSS data available.
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory (CWE-22)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Synology | Synology DNS Server |
Affected:
before 2.2.1-3042
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:15.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology DNS Server",
"vendor": "Synology",
"versions": [
{
"status": "affected",
"version": "before 2.2.1-3042"
}
]
}
],
"datePublic": "2017-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (CWE-22)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-24T17:57:01",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2017-08-23T00:00:00",
"ID": "CVE-2017-12074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology DNS Server",
"version": {
"version_data": [
{
"version_value": "before 2.2.1-3042"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory (CWE-22)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_46_DNS_Server"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2017-12074",
"datePublished": "2017-08-24T18:00:00Z",
"dateReserved": "2017-07-31T00:00:00",
"dateUpdated": "2024-09-16T17:14:47.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}