Threat Encyclopedia

ISC.BIND.TKEY.SPNEGO.der_get_oid.Integer.Overflow

Description

This indicates an attack attempt to exploit an Integer Overflow Vulnerability in ISC BIND.
The vulnerability occurs while processing a OID of a TKEY DNS query. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted DNS query to an affected server. Successful exploitation would result in information disclosure, denial-of-service, and in worst case remote code execution.

Affected Products

ISC BIND prior to 9.11.31
ISC BIND prior to 9.16.15
ISC BIND prior to 9.17.12
ISC BIND Supported Preview Edition prior to 9.11.31-S1
ISC BIND Supported Preview Edition prior to 9.16.15-S1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://kb.isc.org/docs/cve-2021-25216

CVE References

CVE-2021-25216