CVE-2020-8616

Description from NVD

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

Information Acquisition Date:2020/11/17
CVSS 2.0: 5.0 MEDIUM CVSS 3.x: 8.6 HIGH

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN

Software Tag: BIND(1 tweets)

List of frequently cited URLs

URLNum of Times Referred to
http://www.sesin.at7371
https://knqyf263.hatenablog.com/entry/2020/05/21/00364514
https://www.jpcert.or.jp/at/2020/at200023.html13
https://kb.isc.org/docs/cve-2020-861610
https://www.ipa.go.jp/security/ciadr/vul/alert20200520.html6
https://twitter.com/OrangeMorishita/status/12627196694897254436
https://ift.tt/2zc9SlO5
https://jprs.jp/tech/security/2020-05-20-bind9-vuln-process...5
https://access.redhat.com/security/cve/CVE-2020-86174
https://security.sios.com/vulnerability/bind-security-vulne...3
https://portal.msrc.microsoft.com/en-US/security-guidance/a...3

Information from Twitter

User URL Info Source Date
JuniperSIRT https://juni.pr/35CLWoZ Source JuniperSIRT      1349416018389569543 2021/01/14

List of frequently cited URLs

URLNum of Times Referred to
www.sesin.at7371
knqyf263.hatenablog.com14
www.jpcert.or.jp13
kb.isc.org10
www.ipa.go.jp6
twitter.com6
ift.tt5
jprs.jp5
access.redhat.com4
security.sios.com3
portal.msrc.microsoft.com3

Information from Twitter

User URL Info Source
JuniperSIRT juni.pr Show Tweet
GitHub Search Results: Up to 10
NameURL
No Data
GitHub Search Results: Up to 10
NameURL
No Data
2021/01/14 Score : 1
Added Har-sia Database : 2020/05/19
Last Modified : 2021/01/14
Highest Scored Date : 2020/05/20
Highest Score : 41