PT-2017-9968 · Isc+7 · Isc Bind 9.11.X+9

Publicado

2017-01-11

Atualizado

2024-06-15

CVE-2016-9131

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ISC BIND 9.x before 9.9.9-P5 ISC BIND 9.10.x before 9.10.4-P5 ISC BIND 9.11.x before 9.11.0-P2

Description The issue allows remote attackers to cause a denial of service via a malformed response to an RTYPE ANY query, resulting in an assertion failure and daemon exit. This is due to the improper handling of responses during recursion.

Recommendations For ISC BIND 9.x before 9.9.9-P5, update to version 9.9.9-P5 or later. For ISC BIND 9.10.x before 9.10.4-P5, update to version 9.10.4-P5 or later. For ISC BIND 9.11.x before 9.11.0-P2, update to version 9.11.0-P2 or later.

Exploit

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2017-1055

CESA-2017_0062

CVE-2016-9131

DLA-805-1

DSA-3758-1

MGASA-2017-0478

OPENSUSE-SU-2017_0182-1

OPENSUSE-SU-2017_0193-1

OPENSUSE-SU-2024:10650-1

RHSA-2017:0062

RHSA-2017:1583

RHSA-2017_0062

SUSE-SU-2017:0111-1

SUSE-SU-2017:0112-1

SUSE-SU-2017:0113-1

SUSE-SU-2017_0111-1

SUSE-SU-2017_0112-1

SUSE-SU-2017_0113-1

USN-3172-1

Produtos afetados

Alt Linux

Bind Server

Centos

Ibm Aix

Isc Bind 9.10.X

Isc Bind 9.11.X

Isc Bind 9.X

Red Hat

Suse

Ubuntu

PT-2017-9968 · Isc+7 · Isc Bind 9.11.X+9

CVE-2016-9131

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 129