PT-2016-5213 · ISC +8 · ISC BIND 9 +8

Alejandro Parodi +2 · Published 2015-07-28 · Updated 2025-12-18 · CVE-2016-2776

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

ISC BIND 9 versions 9.9.9 before 9.9.9-P3
ISC BIND 9 versions 9.10.x before 9.10.4-P3
ISC BIND 9 versions 9.11.x before 9.11.0rc3

Description

The issue allows remote attackers to cause a denial of service, resulting in an assertion failure and daemon exit, by sending a crafted query. This can also be triggered by sending an overly long request when lwresd or the named lwres option is enabled, causing the daemon to crash.

Recommendations

For ISC BIND 9 versions 9.9.9 before 9.9.9-P3, update to version 9.9.9-P3 or later.
For ISC BIND 9 versions 9.10.x before 9.10.4-P3, update to version 9.10.4-P3 or later.
For ISC BIND 9 versions 9.11.x before 9.11.0rc3, update to version 9.11.0rc3 or later.

As a temporary workaround, consider disabling the lwresd option or the named lwres option to minimize the risk of exploitation.

Exploit

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

ALT-PU-2015-1641
ALT-PU-2016-2031
ALT-PU-2017-1055
ALT-PU-2017-1464
ALT-PU-2020-1980
ALT-PU-2020-1986
BINDUDPDOS
CESA-2015_1513
CESA-2015_1705
CESA-2016_1944
CESA-2017_0062
CESA-2020_2338
CESA-2020_2344
CESA-2020_2383
CVE-2016-2776
DLA-645-1
DSA-3680-1
ELSA-2016-1944
FREEBSD-SA-16_28
MGASA-2016-0332
OPENSUSE-SU-2016_2406-1
OPENSUSE-SU-2024:10467-1
RHSA-2015_1513
RHSA-2015_1514
RHSA-2015_1515
RHSA-2015_1705
RHSA-2015_1706
RHSA-2015_1707
RHSA-2016:1944
RHSA-2016:1945
RHSA-2016:2099
RHSA-2016_1944
RHSA-2016_1945
RHSA-2017_0062
RHSA-2020_2338
RHSA-2020_2344
RHSA-2020_2383
SUSE-SU-2016:2399-1
SUSE-SU-2016:2401-1
SUSE-SU-2016:2405-1
SUSE-SU-2016_2399-1
SUSE-SU-2016_2401-1
SUSE-SU-2016_2405-1
USN-3088-1

Affected Products

ALT Linux
BIND Server
CentOS
FreeBSD
IBM AIX
ISC BIND 9
Red Hat
SUSE
Ubuntu