{"vulnerability": "CVE-2020-12662", "sightings": [{"uuid": "24e1d702-76b4-4027-b9b0-b09dbabdfb59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12662", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/1149", "content": "#exploit\nNXNSAttack DNS\nhttps://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack\n\n1. CVE-2020-8616:\nBIND does not sufficiently limit the number of fetches performed when processing referrals\nhttps://kb.isc.org/docs/cve-2020-8616\n\n2. CVE-2020-12663:\nMalformed answers from upstream name servers can be used to make Unbound unresponsive\nhttps://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt\n\n3. CVE-2020-12667:\nKnot Resolver <5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server\nhttps://www.openwall.com/lists/oss-security/2020/05/19/2\n\n4. CVE-2020-10995:\nPowerDNS Recursor 4.1 - 4.3 DoS (Security Advisory)\nhttps://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-01.html", "creation_timestamp": "2024-10-24T04:43:49.000000Z"}, {"uuid": "ccad81ba-7ef4-4e69-a325-ba62e2987261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12662", "type": "seen", "source": "https://t.me/cibsecurity/17446", "content": "\u203c CVE-2020-10772 \u203c\n\nAn incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to versions of Unbound that shipped before the mentioned erratum. This issue is about the incomplete fix for CVE-2020-12662, and it does not affect upstream versions of Unbound.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T07:32:10.000000Z"}]}