In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind |
||
isc bind 9.9.3 |
||
isc bind 9.11.21 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 20.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 12.04 |
||
netapp steelstore cloud integrated storage - |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
synology dns server |
||
oracle communications diameter signaling router |