CVE-2020-8620
Description
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
8.369
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in BIND 9.17.1 | Windows |
| Internet Domain Name Server (USN-4468-1) bind9_9.16.1-0ubuntu2.3_i386.deb | Linux |
| Internet Domain Name Server (USN-4468-1) bind9_9.16.1-0ubuntu2.3_amd64.deb | Linux |
| Internet Domain Name Server (USN-4468-1) bind9_9.11.3+dfsg-1ubuntu1.13_i386.deb | Linux |
| Internet Domain Name Server (USN-4468-1) bind9_9.11.3+dfsg-1ubuntu1.13_amd64.deb | Linux |
| Internet Domain Name Server (USN-4468-1) bind9_9.10.3.dfsg.P4-8ubuntu1.17_i386.deb | Linux |
| Internet Domain Name Server (USN-4468-1) bind9_9.10.3.dfsg.P4-8ubuntu1.17_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234