ISC BIND Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Servers - Network Management

Multiple vulnerabilities were identified in ISC BIND. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, spoofing, data manipulation and security restriction bypass on the targeted system.
Note:
Proof of Concept exploit code is publicly available for CVE-2025-40778. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. Hence, the risk level is rated as Medium Risk.
[Updated on 2025-10-27]
Updated Description and Related Links.
Impact
- Denial of Service
- Data Manipulation
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- BIND version 9.11.0 to 9.16.50
- BIND version 9.18.0 to 9.18.39
- BIND version 9.20.0 to 9.20.13
- BIND version 9.21.0 to 9.21.12
- BIND Supported Preview Edition version 9.11.3-S1 to 9.16.50-S1
- BIND Supported Preview Edition version 9.18.11-S1 to 9.18.39-S1
- BIND Supported Preview Edition version 9.20.9-S1 to 9.20.13-S1
Solutions
Before installation of the software, please visit the vendor website for more details.
Apply fixes issued by the vendor:
- BIND version 9.18.41
- BIND version 9.20.15
- BIND version 9.21.14
- BIND Supported Preview Edition version 9.18.41-S1
- BIND Supported Preview Edition version 9.20.15-S1
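A version check built from the affected and fixed lists above, as an added example that is not part of the original advisory or ISC's own tooling. It assumes a version string of the form 9.x.y with an optional -S<n> suffix for the Supported Preview Edition, compares only the numeric part of -S builds, and runs on constructed sample strings.

```python
import re

# Inclusive ranges copied from "System / Technologies affected" above.
# Key: True for Supported Preview Edition ("-S" builds), False otherwise.
AFFECTED = {
    False: [((9, 11, 0), (9, 16, 50)), ((9, 18, 0), (9, 18, 39)),
            ((9, 20, 0), (9, 20, 13)), ((9, 21, 0), (9, 21, 12))],
    True: [((9, 11, 3), (9, 16, 50)), ((9, 18, 11), (9, 18, 39)),
           ((9, 20, 9), (9, 20, 13))],
}
# Fixed releases copied from "Solutions", keyed by (minor branch, is_preview).
FIXED = {
    (18, False): "9.18.41", (20, False): "9.20.15", (21, False): "9.21.14",
    (18, True): "9.18.41-S1", (20, True): "9.20.15-S1",
}
# Assumption: the -S<n> revision is ignored when comparing versions.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)(-S\d+)?")


def parse_version(text):
    """Extract ((major, minor, patch), is_preview) from a version string."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no BIND version found in {text!r}")
    return tuple(int(g) for g in m.group(1, 2, 3)), m.group(4) is not None


def assess(text):
    """Return (affected, fix) where fix is the same-branch fixed release
    listed in the advisory, or None when the advisory lists none."""
    version, preview = parse_version(text)
    for low, high in AFFECTED[preview]:
        if low <= version <= high:
            return True, FIXED.get((version[1], preview))
    return False, None


# Constructed inventory lines, not captured from real hosts.
SAMPLES = ["BIND 9.18.39", "BIND 9.20.13-S1", "BIND 9.16.50",
           "BIND 9.18.41", "9.18.39-0ubuntu0.22.04.1-Ubuntu"]

if __name__ == "__main__":
    for line in SAMPLES:
        affected, fix = assess(line)
        state = "AFFECTED" if affected else "not listed as affected"
        print(f"{line:35} {state:24} fix: {fix or 'none listed for branch'}")
```

Distribution packages often backport fixes without changing the upstream version number, so treat a match on a packaged build as a prompt to check the distributor's own advisory.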
Vulnerability Identifier
Source
Related Link
