ZDI-21-657: ISC BIND TKEY Query Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of TKEY queries. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the "bind" user.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISC BIND 9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-21-657?
The severity of ZDI-21-657 is considered critical due to the potential for remote code execution without authentication.
How do I fix ZDI-21-657?
To fix ZDI-21-657, users should update to the latest stable version of ISC BIND that addresses this vulnerability.
What exploit is associated with ZDI-21-657?
ZDI-21-657 allows remote attackers to execute arbitrary code by exploiting flaws in the handling of TKEY queries.
Which versions of ISC BIND are affected by ZDI-21-657?
ZDI-21-657 affects specific versions of ISC BIND 9 prior to the security update that resolves this issue.
Is authentication required to exploit ZDI-21-657?
No, authentication is not required to exploit the ZDI-21-657 vulnerability, making it particularly dangerous.
- agent/references
- agent/type
- agent/severity
- agent/weakness
- agent/title
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-21-657
- alias/ZDI-CAN-13347
- alias/CVE-2021-25216
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/isc
- canonical/isc bind 9