ISC BIND 安全漏洞

CNNVD-ID编号	CNNVD-202005-916
CVE编号	CVE-2020-8617
发布时间	2020-05-19
更新时间	2021-01-15
漏洞类型	其他
漏洞来源	N/A
危险等级	高危
威胁类型	远程
厂商	N/A

漏洞介绍

ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。

ISC BIND中存在安全漏洞。远程攻击者可利用该漏洞导致拒绝服务。以下产品及版本受到影响：BIND 9.0.0版本至9.11.18版本，9.12.0版本至9.12.4-P2版本，9.14.0版本至9.14.11版本，9.16.0版本至9.16.2版本，9.17.0版本至9.17.1版本，9.13版本，9.15版本，BIND Supported Preview Edition from 9.9.3-S1版本至9.11.18-S1版本。

漏洞补丁

目前厂商已发布升级了ISC BIND 安全漏洞的补丁，ISC BIND 安全漏洞的补丁获取链接：

https://kb.isc.org/docs/cve-2020-8617

参考网址

来源:UBUNTU

链接：https://usn.ubuntu.com/4365-2/
来源:UBUNTU

链接：https://usn.ubuntu.com/4365-1/
来源:SUSE

链接：http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
来源:MLIST

链接：http://www.openwall.com/lists/oss-security/2020/05/19/4
来源:MISC

链接：https://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html
来源:MLIST

链接：https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html
来源:CONFIRM

链接：https://security.netapp.com/advisory/ntap-20200522-0002/
来源:DEBIAN

链接：https://www.debian.org/security/2020/dsa-4689
来源:CONFIRM

链接：https://kb.isc.org/docs/cve-2020-8617
来源:FEDORA

链接：https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/
来源:SUSE

链接：http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
来源:FEDORA

链接：https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/
来源:www.ibm.com

链接：https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-bind-affect-aix-cve-2020-8616-and-cve-2020-8617/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/158134/Red-Hat-Security-Advisory-2020-2449-01.html
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/158908/Red-Hat-Security-Advisory-2020-3475-01.html
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/158844/Red-Hat-Security-Advisory-2020-3433-01.html
来源:nvd.nist.gov

链接：https://nvd.nist.gov/vuln/detail/CVE-2020-8617
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2267/
来源:www.ibm.com

链接：https://www.ibm.com/blogs/psirt/security-bulletin-bind-for-ibm-i-is-affected-by-cve-2020-8616-and-cve-2020-8617/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/158806/Red-Hat-Security-Advisory-2020-3379-01.html
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2794/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/157836/BIND-TSIG-Denial-Of-Service.html
来源:access.redhat.com

链接：https://access.redhat.com/security/cve/cve-2020-8617
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2744/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2833/
来源:www.nsfocus.net

链接：http://www.nsfocus.net/vulndb/48084
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2108/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/157921/Red-Hat-Security-Advisory-2020-2383-01.html
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1932/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1777.2/
来源:www.ibm.com

链接：https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerabilities-from-bind-affect-ibm-netezza-host-management/
来源:vigilance.fr

链接：https://vigilance.fr/vulnerability/ISC-BIND-two-vulnerabilities-32300
来源:www.ibm.com

链接：https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v10-is-impacted-by-denial-of-service-vulnerabilities-in-crunchy-kernel-cve-2020-8616-cve-2020-8617/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/157759/Ubuntu-Security-Notice-USN-4365-1.html
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2593/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/157864/Red-Hat-Security-Advisory-2020-2338-01.html
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/158399/Red-Hat-Security-Advisory-2020-2893-01.html
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/157784/Ubuntu-Security-Notice-USN-4365-2.html
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.2369/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2021.0174/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1905/
来源:vigilance.fr

链接：https://vigilance.fr/vulnerability/ISC-BIND-denial-of-service-via-tsig-c-32332
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/157890/Red-Hat-Security-Advisory-2020-2345-01.html
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1842.5/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1777/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1820/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1842/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1886/
来源:www.ibm.com

链接：https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-cve-2020-8616-and-cve-2020-8617/
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.3522/
来源:www.exploit-db.com

链接：https://www.exploit-db.com/exploits/48521
来源:www.auscert.org.au

链接：https://www.auscert.org.au/bulletins/ESB-2020.1975/
来源:packetstormsecurity.com

链接：https://packetstormsecurity.com/files/158276/Red-Hat-Security-Advisory-2020-2595-01.html

受影响实体

暂无

信息来源

http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202005-916