CVE-2020-8625

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-8625
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8625.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-8625
Downstream
Related
Published
2021-02-17T23:15:13.530Z
Modified
2026-03-15T22:38:44.601325Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch

References

Affected packages

Git / gitlab.isc.org/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/bind9
Events
Introduced
4883ba14a28b3f1798f0a9840f4fd8accca8b69b
Last affected
99ca3c536a90d95a2939d91205b2333da2a961a1
Introduced
71a40862c0be867999867cd99e21c2266a5e452b
Last affected
9ff601bcca506f745e5627fc9630efdd80aaafac
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
617639b7cc40ba9eb6fde2d98099726d50da812e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
eba38b89007f65bc6c1fdd2451034bbe3908b9a4
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
04ca7cc4b6993f47ea61852c759d047c83be7b3f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
deb57872b630b9957662cf443e1e0001ab0e7b73
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
19d6c56085e97cf4ac559cdc27edd624127bcb32
Database specific 
{
    "versions": [
        {
            "introduced": "9.5.0"
        },
        {
            "last_affected": "9.11.27"
        },
        {
            "introduced": "9.12.0"
        },
        {
            "last_affected": "9.16.11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.11.3-s1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.11.6-s1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.17.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.17.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.0"
        }
    ]
}

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.11.5-s3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.11.5-s5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.11.7-s1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.11.8-s1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.11.21-s1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.11.27-s1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.16.8-s1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.16.11-s1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "32"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "33"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "1.0.1.1"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8625.json"