ID CVE-2020-8621
Summary In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
References
Vulnerable Configurations
  • cpe:2.3:a:isc:bind:9.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.17.0:*:*:*:-:*:*:*
    cpe:2.3:a:isc:bind:9.17.0:*:*:*:-:*:*:*
  • cpe:2.3:a:isc:bind:9.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.17.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.17.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.0:-:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.0:-:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.6:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.6:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.7:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.7:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.8:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.8:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.9:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.9:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.11:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.11:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.14.12:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.14.12:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.15.6:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.15.6:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.16.5:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.16.5:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  • cpe:2.3:a:synology:dns_server:-:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.0-0017:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.0-0017:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.0-0019:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.0-0019:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.0-0027:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.0-0027:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.0-0028:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.0-0028:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0052:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0052:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0053:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0053:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0058:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0058:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0059:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0059:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0064:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0064:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0066:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0066:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0068:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0068:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0070:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0070:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0075:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0075:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0077:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0077:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0080:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0080:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0083:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0083:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0084:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0084:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0088:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0088:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0090:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0090:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0091:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0091:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0093:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0093:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0094:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0094:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0113:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0113:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0119:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0119:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0123:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0123:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0124:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0124:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0301:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0301:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0302:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0302:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0304:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0304:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.1-0307:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.1-0307:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.2-1002:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.2-1002:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.2.0-0129:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.2.0-0129:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:1.2.0-0130:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:1.2.0-0130:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.0-3032:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.0-3032:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-3042:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-3042:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-3050:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-3050:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-3051:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-3051:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-3062:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-3062:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-3079:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-3079:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-5009:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-5009:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-5010:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-5010:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-5012:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-5012:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:dns_server:2.2.1-5014:*:*:*:*:*:*:*
    cpe:2.3:a:synology:dns_server:2.2.1-5014:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 28-04-2022 - 18:27)
Impact:
Exploitability:
CWE CWE-617
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
confirm
gentoo GLSA-202008-19
suse
  • openSUSE-SU-2020:1699
  • openSUSE-SU-2020:1701
ubuntu USN-4468-1
Last major update 28-04-2022 - 18:27
Published 21-08-2020 - 21:15
Last modified 28-04-2022 - 18:27
Back to Top