ISC.BIND.NXT.Overflow
Description
This vulnerability affects the BIND DNS server. Some versions of BIND fail to properly validate NXT records. This improper validation could allow an intruder to overflow a buffer and execute arbitrary code with the privileges of the name server (usually root). NXT record support was introduced in BIND version 8.2. Prior versions of BIND, including 4.x, are not vulnerable to this problem.
Affected Products
ISC, BIND, 8.2.1
ISC, BIND, 8.2
Impact
Attackers can execute arbitrary code with the privileges of the BIND process.
Recommended Actions
Update to BIND version 8.2.2 or newer.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |