Vulnerability Details : CVE-2020-8617
Public exploit exists!
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.
Products affected by CVE-2020-8617
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.12.4:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.12.4:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
- cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Threat overview for CVE-2020-8617
Top countries where our scanners detected CVE-2020-8617
Top open port discovered on systems with this issue
53
IPs affected by CVE-2020-8617 1,307,649
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2020-8617!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2020-8617
97.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2020-8617
-
BIND TSIG Badtime Query Denial of Service
Disclosure Date: 2020-05-19First seen: 2020-05-26auxiliary/dos/dns/bind_tsig_badtimeA logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c. Authors: - Tobias Klein - Shuto Imai
CVSS scores for CVE-2020-8617
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
Internet Systems Consortium (ISC) |
CWE ids for CVE-2020-8617
-
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-8617
-
https://usn.ubuntu.com/4365-1/
USN-4365-1: Bind vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
[security-announce] openSUSE-SU-2020:1701-1: moderate: Security update fMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
[security-announce] openSUSE-SU-2020:1699-1: moderate: Security update fMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/
[SECURITY] Fedora 32 Update: bind-9.11.19-1.fc32 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html
[SECURITY] [DLA 2227-1] bind9 security updateMailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20200522-0002/
May 2020 ISC BIND Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://kb.isc.org/docs/cve-2020-8617
CVE-2020-8617: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c - Security AdvisoriesPatch;Vendor Advisory
-
https://usn.ubuntu.com/4365-2/
USN-4365-2: Bind vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/
[SECURITY] Fedora 31 Update: bind-9.11.19-1.fc31 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2020/05/19/4
oss-security - Two vulnerabilities disclosed in BIND (CVE-2020-8616 and CVE-2020-8617)Mailing List;Patch;Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4689
Debian -- Security Information -- DSA-4689-1 bind9Third Party Advisory
-
http://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html
BIND TSIG Denial Of Service ≈ Packet StormThird Party Advisory;VDB Entry
Jump to