mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
2.1 KiB
2.1 KiB
CVE-2020-8619
%20is%20allowed%20in%20DNS%20zone%20files%2C%20where%20it%20is%20most%20commonly%20present%20as%20a%20wildcard%20at%20a%20terminal%20node%20of%20the%20Domain%20Name%20System%20graph.%20However%2C%20the%20RFCs%20do%20not%20require%20and%20BIND%20does%20not%20enforce%20that%20an%20asterisk%20character%20be%20present%20only%20at%20a%20terminal%20node.%20%20A%20problem%20can%20occur%20when%20an%20asterisk%20is%20present%20in%20an%20empty%20non-terminal%20location%20within%20the%20DNS%20graph.%20If%20such%20a%20node%20exists%2C%20after%20a%20series%20of%20queries%2C%20named%20can%20reach%20an%20inconsistent%20state%20that%20results%20in%20the%20failure%20of%20an%20assertion%20check%20in%20rbtdb.c%2C%20followed%20by%20the%20program%20exiting%20due%20to%20the%20assertion%20failure.%20%20Versions%20affected%3A%20BIND%209.11.14%20-%3E%209.11.19%2C%20BIND%209.14.9%20-%3E%209.14.12%2C%20BIND%209.16.0%20-%3E%209.16.3.%20Also%2C%20versions%209.11.14-S1%20-%3E%209.11.19-S1%20of%20BIND%20Supported%20Preview%20Edition&color=brighgreen)
Description
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.
POC
Reference
No PoCs from references.