Home

CVE-2020-8619

Description

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (*) character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.

Risk Information

Base Score
4.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
6.931

Associated Vulnerability

VulnerabilityOS Platform
Internet Domain Name Server (USN-4399-1) bind9_9.16.1-0ubuntu2.2_i386.debLinux
Internet Domain Name Server (USN-4399-1) bind9_9.16.1-0ubuntu2.2_amd64.debLinux
bind9 security update(DSA-4752-1) bind9_9.11.5.P4+dfsg-5.1+deb10u2_i386.debLinux
bind9 security update(DSA-4752-1) bind9_9.11.5.P4+dfsg-5.1+deb10u2_amd64.debLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-chroot-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-debugsource-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-debugsource-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-devel-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-devel-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-export-devel-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-export-devel-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-export-libs-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-export-libs-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-libs-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-libs-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-libs-lite-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-libs-lite-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-license-9.11.20-5.el8.noarch.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-lite-devel-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-lite-devel-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-pkcs11-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-pkcs11-devel-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-pkcs11-devel-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-pkcs11-libs-9.11.20-5.el8.i686.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-pkcs11-libs-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-pkcs11-utils-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-sdb-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-sdb-chroot-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update bind-utils-9.11.20-5.el8.x86_64.rpmLinux
(RHSA-2020:4500) bind security, bug fix, and enhancement update python3-bind-9.11.20-5.el8.noarch.rpmLinux
Improper Resource Shutdown or Release Vulnerability (CVE-2020-8619)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234