{"vulnerability": "CVE-2020-8625", "sightings": [{"uuid": "8318bfe5-6e7a-4951-9bbe-8c8e3863a0f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8625", "type": "seen", "source": "Telegram/2f0bY5eTPGcC0pb-3D0fQKJ-gFOqNTjY0_bD2TQfBuCgb5E", "content": "", "creation_timestamp": "2021-06-10T02:58:23.000000Z"}, {"uuid": "f2e262d4-b1c1-4c56-94e9-08b1422c1cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8625", "type": "seen", "source": "https://t.me/cibsecurity/23791", "content": "\u203c CVE-2020-8625 \u203c\n\nBIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-18T02:49:29.000000Z"}, {"uuid": "d6249eb8-4439-49fd-ab80-f09b56ec0b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-8625", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2759", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 15-21)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1647 - MS Defender RCE Vulnerability\nhttps://www.anquanke.com/post/id/231625\nCVE-2020-10759 - Dazed Blesbok\nhttps://t.me/cybersecuritytechnologies/1243\nCVE-2021-21976 - VMware Post-Auth RCE in vSphere Replication\nCVE-2021-3177 - Python 3 Buffer Overflow\nhttps://t.me/cybersecuritytechnologies/2740\nCVE-2020-8625 - A vulnerability in BIND's GSSAPI\nhttps://kb.isc.org/docs/cve-2020-8625\nCVE-2021-20655\nhttps://jvn.jp/en/jp/JVN58774946/index.html\nCVE-2021-1366 - A vulnerability in the interprocess communication channel of Cisco AnyConnect Secure Client\nhttps://www.coresecurity.com/core-labs/articles/analysis-cisco-anyconnect-posture-hostscan-local-privilege-escalation-cve-2021", "creation_timestamp": "2021-02-22T14:45:11.000000Z"}]}