Bind Server 安全漏洞

漏洞信息详情

Bind Server 安全漏洞

CNNVD编号：CNNVD-202102-1310
危害等级：高危-->
危害等级：高危
CVE编号： CVE-2020-8625
漏洞类型：其他
发布时间： 2021-02-17
威胁类型：远程
更新时间： 2021-09-23
厂商：
漏洞来源： Red Hat

漏洞简介

ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。

BIND 存在安全漏洞，该漏洞源于通过显式地为tkey-gssapi-keytab或tkey-gssapi-credentialconfiguration选项设置有效值，服务器可能会变得脆弱。

漏洞公告

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://kb.isc.org/v1/docs/cve-2020-8625

参考网址

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/KYXAF7G45RXDVNUTWWCI2CVTHRZ67LST/

来源:CONFIRM

链接:https://kb.isc.org/v1/docs/cve-2020-8625

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/QWCMBOSZOJIIET7BWTRYS3HLX5TSDKHX/

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/EBTPWRQWRQEJNWY4NHO4WLS4KLJ3ERHZ/

来源:MLIST

链接:http://www.openwall.com/lists/oss-security/2021/02/20/2

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20210319-0001/

来源:MLIST

链接:http://www.openwall.com/lists/oss-security/2021/02/19/1

来源:DEBIAN

链接:https://www.debian.org/security/2021/dsa-4857

来源:MISC

链接:https://www.zerodayinitiative.com/advisories/ZDI-21-195/

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2021/02/msg00029.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0947

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6486871

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0810.2

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0612

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-8625

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0736

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161847/Red-Hat-Security-Advisory-2021-0922-01.html

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6490827

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161588/Red-Hat-Security-Advisory-2021-0669-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1207

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0658

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2604

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0750

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.0794

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161653/Red-Hat-Security-Advisory-2021-0727-01.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021092209

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161456/Ubuntu-Security-Notice-USN-4737-1.html

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-network-packet-capture-is-vulnerable-to-using-components-with-known-vulnerabilities-2/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/161610/Red-Hat-Security-Advisory-2021-0694-01.html

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/ISC-BIND-buffer-overflow-via-GSSAPI-Security-Policy-Negotiation-34610

受影响实体

暂无

补丁

Bind Server 安全漏洞的修复措施

正文

Bind Server 安全漏洞

漏洞信息详情