Total vulnerabilities in the database
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
| Software | From | Fixed in |
|---|---|---|
| isc / bind | 9.17.0 | 9.17.3.x |
| isc / bind | 9.0.0 | 9.11.21.x |
| isc / bind | 9.12.0 | 9.16.5.x |
| isc / bind | 9.9.3-s1 | 9.9.3-s1.x |
| isc / bind | 9.11.21-s1 | 9.11.21-s1.x |
| fedoraproject / fedora | 31 | 31.x |
| fedoraproject / fedora | 32 | 32.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 20.04 | 20.04.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| opensuse / leap | 15.1 | 15.1.x |
| opensuse / leap | 15.2 | 15.2.x |
| synology / dns_server | - | 2.2.2-5028 |
| oracle / communications_diameter_signaling_router | 8.0.0 | 8.5.0.x |