CVE-2020-8618 log

Severity Medium
Remote Yes
Type Denial of service
An assertion check in BIND before 9.16.4 (that is meant to prevent going beyond the end of a buffer when processing incoming data) can be incorrectly triggered by a large response during zone transfer. An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
Group Package Affected Fixed Severity Status Ticket
AVG-1191 bind 9.16.3-1 9.16.4-1 Medium Fixed
Date Advisory Group Package Severity Type
28 Jun 2020 ASA-202006-13 AVG-1191 bind Medium denial of service