Threat Encyclopedia

ISC.BIND.TKEY.SPNEGO.der_get_oid.Out-of-Bounds.Write

Description

This indicates an attack attempt to exploit an Out of Bounds Write Vulnerability in ISC BIND.
The vulnerability occurs while processing a OID of a TKEY DNS query. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted DNS query with SPNEGO PDU to an affected server. Successful exploitation would result in information disclosure, denial-of-service, and in worst case remote code execution.

Affected Products

ISC BIND 9.11.3-S1 -> 9.11.27-S1
ISC BIND 9.12.0 -> 9.16.11
ISC BIND 9.16.8-S1 -> 9.16.11-S1
ISC BIND 9.17.0 -> 9.17.1
ISC BIND 9.5.0 -> 9.11.27

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://kb.isc.org/docs/cve-2020-8625

CVE References

CVE-2020-8625