PT-2016-3305 · Isc+8 · Isc Bind 9.X+8

Marco Davids

+1

·

Published

2016-02-11

·

Updated

2024-06-15

·

CVE-2016-8864

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions ISC BIND 9.x versions 9.9.9 through 9.9.9-P3 ISC BIND 9.x versions 9.10.x through 9.10.4-P3 ISC BIND 9.x versions 9.11.x through 9.11.0
Description The issue is related to errors in data processing, which can be exploited by a remote attacker to cause a denial of service. This can be achieved by sending a specially crafted DNS packet with malformed options, triggering an assertion failure. The vulnerability is also related to DNAME records in the answer section of a response to a recursive query.
Recommendations For ISC BIND 9.x versions 9.9.9 through 9.9.9-P3, update to version 9.9.9-P4 or later. For ISC BIND 9.x versions 9.10.x through 9.10.4-P3, update to version 9.10.4-P4 or later. For ISC BIND 9.x versions 9.11.x through 9.11.0, update to version 9.11.0-P1 or later.

Fix

DoS

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-19CWE-617

Related Identifiers

ALT-PU-2016-2242
ALT-PU-2017-1464
BDU:2020-00776
CESA-2016_2141
CESA-2016_2615
CVE-2016-8864
DLA-696-1
DSA-3703-1
DSA-3795-1
FREEBSD-SA-16_34
MGASA-2016-0365
OPENSUSE-SU-2016_2738-1
OPENSUSE-SU-2016_2739-1
OPENSUSE-SU-2024:10467-1
RHSA-2016:2141
RHSA-2016:2142
RHSA-2016:2615
RHSA-2016:2871
RHSA-2016_2141
RHSA-2016_2142
RHSA-2016_2615
RHSA-2017:1583
SUSE-SU-2016:2696-1
SUSE-SU-2016:2697-1
SUSE-SU-2016:2697-2
SUSE-SU-2016:2706-1
SUSE-SU-2016_2696-1
SUSE-SU-2016_2697-1
SUSE-SU-2016_2706-1
USN-3119-1

Affected Products

Alt Linux
Bind Server
Centos
Freebsd
Ibm Aix
Isc Bind 9.X
Red Hat
Suse
Ubuntu