FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

BIND -- Remote Denial of Service vulnerability

Affected packages
9.11.14 <= bind911 < 9.11.20
9.16.0 <= bind916 < 9.16.4

Details

VuXML ID f00d1873-b138-11ea-8659-901b0ef719ab
Discovery 2020-06-17
Entry 2020-06-18

ISC reports:

The asterisk character ("*") is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node.

A problem can occur when an asterisk is present in an empty non-terminal location within the DNS graph. If such a node exists, after a series of queries, named can reach an inconsistent state that results in the failure of an assertion check in rbtdb.c, followed by the program exiting due to the assertion failure.

[source]

References

CVE Name CVE-2020-8619
URL https://kb.isc.org/docs/cve-2020-8619

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.