|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-10-28 | |
| Rule Name: | ISC BIND TCP Receive Buffer Length Assertion Denial of Service Vulnerability (CVE-2020-8620) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. | |
| Impact: | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8620 https://security.gentoo.org/glsa/202008-19 |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://www.isc.org/bind/ |