PT-2017-9968 · Isc+7 · Isc Bind 9.11.X+9

Published

2017-01-11

Updated

2024-06-15

CVE-2016-9131

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ISC BIND 9.x before 9.9.9-P5 ISC BIND 9.10.x before 9.10.4-P5 ISC BIND 9.11.x before 9.11.0-P2

Description The issue allows remote attackers to cause a denial of service via a malformed response to an RTYPE ANY query, resulting in an assertion failure and daemon exit. This is due to the improper handling of responses during recursion.

Recommendations For ISC BIND 9.x before 9.9.9-P5, update to version 9.9.9-P5 or later. For ISC BIND 9.10.x before 9.10.4-P5, update to version 9.10.4-P5 or later. For ISC BIND 9.11.x before 9.11.0-P2, update to version 9.11.0-P2 or later.

Exploit

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2017-1055

CESA-2017_0062

CVE-2016-9131

DLA-805-1

DSA-3758-1

MGASA-2017-0478

OPENSUSE-SU-2017_0182-1

OPENSUSE-SU-2017_0193-1

OPENSUSE-SU-2024:10650-1

RHSA-2017:0062

RHSA-2017:1583

RHSA-2017_0062

SUSE-SU-2017:0111-1

SUSE-SU-2017:0112-1

SUSE-SU-2017:0113-1

SUSE-SU-2017_0111-1

SUSE-SU-2017_0112-1

SUSE-SU-2017_0113-1

USN-3172-1

Affected Products

Alt Linux

Bind Server

Centos

Ibm Aix

Isc Bind 9.10.X

Isc Bind 9.11.X

Isc Bind 9.X

Red Hat

Suse

Ubuntu

PT-2017-9968 · Isc+7 · Isc Bind 9.11.X+9

CVE-2016-9131

Weakness Enumeration

Related Identifiers

Affected Products

References · 129