Threat Encyclopedia



This indicates an attack attempt to exploit an Out of Bounds Write Vulnerability in ISC BIND.
The vulnerability occurs while processing a OID of a TKEY DNS query. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted DNS query with SPNEGO PDU to an affected server. Successful exploitation would result in information disclosure, denial-of-service, and in worst case remote code execution.

Affected Products

ISC BIND 9.11.3-S1 -> 9.11.27-S1
ISC BIND 9.12.0 -> 9.16.11
ISC BIND 9.16.8-S1 -> 9.16.11-S1
ISC BIND 9.17.0 -> 9.17.1
ISC BIND 9.5.0 -> 9.11.27


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References