virus logo Intrusion Prevention

ISC.BIND.TKEY.SPNEGO.der_get_oid.Out-of-Bounds.Write

description-logoDescription

This indicates an attack attempt to exploit an Out of Bounds Write Vulnerability in ISC BIND.
The vulnerability occurs while processing a OID of a TKEY DNS query. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted DNS query with SPNEGO PDU to an affected server. Successful exploitation would result in information disclosure, denial-of-service, and in worst case remote code execution.

affected-products-logoAffected Products

ISC BIND 9.11.3-S1 -> 9.11.27-S1
ISC BIND 9.12.0 -> 9.16.11
ISC BIND 9.16.8-S1 -> 9.16.11-S1
ISC BIND 9.17.0 -> 9.17.1
ISC BIND 9.5.0 -> 9.11.27

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://kb.isc.org/docs/cve-2020-8625

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-09-08 18.153 Default_action:pass:drop
2021-08-31 18.149
ID 50703
Created Aug 23, 2021
Updated Sep 07, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2020-8625
Exploit Prediction Score 18.73%
Default Action drop
Active
Affected OS All
Affected App Other