Main Vulnerability Database Exploits ID:4503 - Exploit for Reachable Assertion in ISC BIND - CVE-2020-8620

ID:4503 - Exploit for Reachable Assertion in ISC BIND - CVE-2020-8620

Published: August 20, 2020

Vulnerability identifier: #VU45821

Vulnerability risk: Medium

CVE-ID: CVE-2020-8620

CWE-ID: CWE-617

Exploitation vector: Remote access

Vulnerable software:
ISC BIND

Link to public exploit:

https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1100

Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in tcpdns.c when processing large TCP payloads. An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

Remediation

Install updates from vendor's website.

ID:4503 - Exploit for Reachable Assertion in ISC BIND - CVE-2020-8620

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human