Vulnerability Details : CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch

Vulnerability category: OverflowExecute code

Published 2021-02-17 23:15:14

Updated 2022-04-18 19:25:21

Source Internet Systems Consortium (ISC)

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2020-8625

Probability of exploitation activity in the next 30 days: 27.46%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-8625

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.1	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	[email protected]
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.1	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	[email protected]
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-8625

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Assigned by: [email protected] (Primary)

References for CVE-2020-8625

https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html

Mailing List;Third Party Advisory
https://www.debian.org/security/2021/dsa-4857

Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/QWCMBOSZOJIIET7BWTRYS3HLX5TSDKHX/

Mailing List;Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/02/19/1

Mailing List;Patch;Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ/

Mailing List;Third Party Advisory
https://kb.isc.org/v1/docs/cve-2020-8625

Mitigation;Vendor Advisory
https://security.netapp.com/advisory/ntap-20210319-0001/

Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/KYXAF7G45RXDVNUTWWCI2CVTHRZ67LST/

Mailing List;Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/02/20/2

Mailing List;Patch;Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-195/

Third Party Advisory;VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Patch;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2020-8625

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
ISC » Bind
Versions from including (>=) 9.5.0 and up to, including, (<=) 9.11.27
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Matching versions
ISC » Bind
Versions from including (>=) 9.12.0 and up to, including, (<=) 9.16.11
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 9.11.5 Update S5 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.5 Update S3 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.3 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.7 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.6 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.8 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.21 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.11.27 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.16.8 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.16.11 Update S1 Supported Preview Edition
cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*
Matching versions
ISC » Bind » Version: 9.17.0
cpe:2.3:a:isc:bind:9.17.0:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 9.17.1
cpe:2.3:a:isc:bind:9.17.1:*:*:*:*:*:*:*
Matching versions
Siemens » Sinec Infrastructure Network Services
Versions before (<) 1.0.1.1
cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 32
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Netapp » Cloud Backup » Version: N/A
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Matching versions
Netapp » A250 Firmware » Version: N/A
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » A250 » Version: N/A
Netapp » 500f Firmware » Version: N/A
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » 500f » Version: N/A