Lucene search
AnonymousZDI-21-657HistoryJun 07, 2021 - 12:00 a.m.
ISC BIND TKEY Query Integer Overflow Remote Code Execution Vulnerability
2021-06-0700:00:00
Anonymous
www.zerodayinitiative.com
71
isc bind
tkey query
integer overflow
remote code execution
vulnerability
authentication
user-supplied data
buffer allocation
bind user
EPSS
0.447
Percentile
97.4%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of TKEY queries. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the “bind” user.
References
Related
openvas
openvas
ISC BIND Buffer Overflow Vulnerability (CVE-2021-25216) - Windows
2021-04-30 00:00:00
ISC BIND Buffer Overflow Vulnerability (CVE-2021-25216) - Linux
2021-04-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:14714-1)
2021-06-09 00:00:00
ibm
ibm
ubuntucve
ubuntucve
CVE-2021-25216
2021-04-28 00:00:00
redhatcve
redhatcve
CVE-2021-25216
2021-04-29 03:48:35
veracode
veracode
Denial Of Service (DoS)
2021-05-01 10:32:40
cisa
cisa
ISC Releases Security Advisory for BIND
2021-04-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-25216 affecting package bind 9.16.3-3
2021-05-16 16:46:11
f5
f5
K19443402 : BIND vulnerability CVE-2021-25216
2021-05-19 00:00:00
nessus
nessus
ISC BIND GSS-TSIG SPNEGO Buffer Overflow (CVE-2021-25216)
2021-04-30 00:00:00
ISC BIND 9.5.0 < 9.11.31 / 9.11.3-S1 < 9.11.31-S1 / 9.12.0 < 9.16.15 / 9.16.8-S1 < 9.16.15-S1 / 9.17.0 <-> 9.17.1 Buffer Overflow (CVE-2021-25216)
2021-05-06 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Bind vulnerabilities (USN-4929-1)
2021-04-30 00:00:00
prion
prion
Buffer overflow
2021-04-29 01:15:00
cvelist
cvelist
debiancve
debiancve
CVE-2021-25216
2021-04-29 01:15:08
osv
osv
CGA-cq6v-4826-hvjh
2024-06-06 12:26:49
CVE-2021-25216
2021-04-29 01:15:08
bind9 - security update
2021-05-01 00:00:00
nvd
nvd
CVE-2021-25216
2021-04-29 01:15:08
alpinelinux
alpinelinux
CVE-2021-25216
2021-04-29 01:15:08
cve
cve
CVE-2021-25216
2021-04-29 01:15:08
ubuntu
ubuntu
Bind vulnerabilities
2021-04-29 00:00:00
slackware
slackware
[slackware-security] bind
2021-04-29 01:41:22
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-25215, CVE-2021-25214, CVE-2021-25216
2021-09-21 22:01:45
altlinux
altlinux
Security fix for the ALT Linux 10 package bind version 9.11.31-alt1
2021-04-29 00:00:00
Security fix for the ALT Linux 9 package bind version 9.11.31-alt1
2021-05-12 00:00:00
archlinux
archlinux
[ASA-202104-10] bind: multiple issues
2021-04-29 00:00:00
redos
redos
debian
debian
[SECURITY] [DSA 4909-1] bind9 security update
2021-05-01 09:09:48
[SECURITY] [DLA 2647-1] bind9 security update
2021-05-04 10:21:23
[SECURITY] [DSA 4909-1] bind9 security update
2021-05-01 09:09:48
photon
photon
Critical Photon OS Security Update - PHSA-2021-0240
2021-05-20 00:00:00
Critical Photon OS Security Update - PHSA-2021-0039
2021-06-07 00:00:00
mageia
mageia
Updated bind packages fix security vulnerabilities
2021-05-23 21:45:17
rosalinux
rosalinux
Advisory ROSA-SA-2021-1803
2021-07-02 16:31:31
ics
ics
Siemens SINEC INS
2022-03-10 12:00:00