PT-2016-1630 · Isc+9 · Isc Bind 9.X+9

Published

2015-07-29

·

Updated

2024-06-15

·

CVE-2016-1285

CVSS v3.1

6.8

Medium

VectorAV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions ISC BIND 9.x versions 9.9.8-P4 and earlier ISC BIND 9.x versions 9.10.3-P4 and earlier
Description The issue is related to the improper handling of DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service via a malformed packet to the rndc interface. This is related to errors in alist.c and sexpr.c. The vulnerability can be exploited by sending a specially crafted packet, leading to an assertion failure and daemon exit.
Recommendations For ISC BIND 9.x versions 9.9.8-P4 and earlier, update to version 9.9.8-P4 or later. For ISC BIND 9.x versions 9.10.3-P4 and earlier, update to version 9.10.3-P4 or later. As a temporary workaround, consider restricting access to the rndc interface to minimize the risk of exploitation.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2015-1641
ALT-PU-2017-1027
BDU:2016-00942
CESA-2016_0459
CVE-2016-1285
DSA-3511-1
FREEBSD-SA-16_13
MGASA-2016-0107
OPENSUSE-SU-2016_0827-1
OPENSUSE-SU-2016_0834-1
OPENSUSE-SU-2016_0859-1
OPENSUSE-SU-2024:10467-1
RHSA-2016:0458
RHSA-2016:0459
RHSA-2016:0562
RHSA-2016:0601
RHSA-2016_0458
RHSA-2016_0459
SUSE-SU-2016:0759-1
SUSE-SU-2016:0780-1
SUSE-SU-2016:0825-1
SUSE-SU-2016:1541-1
SUSE-SU-2016_0759-1
SUSE-SU-2016_0780-1
SUSE-SU-2016_0825-1
USN-2925-1

Affected Products

Alt Linux
Bind Server
Centos
Freebsd
Ibm Aix
Isc Bind 9.X
Junos
Red Hat
Suse
Ubuntu