What is the severity of CVE-2015-8705?

CVE-2015-8705 has a severity rating that indicates it can lead to denial of service due to assertion failure or daemon crash when debug logging is enabled.

How do I fix CVE-2015-8705?

To fix CVE-2015-8705, upgrade ISC BIND to version 9.10.3-P3 or later where the vulnerability is resolved.

What can be exploited in CVE-2015-8705?

CVE-2015-8705 can be exploited through crafted OPT data or ECS options which may trigger assertion failures.

Who is impacted by CVE-2015-8705?

Organizations using ISC BIND versions 9.10.x before 9.10.3-P3 with debug logging enabled are impacted by CVE-2015-8705.

What type of vulnerability is CVE-2015-8705?

CVE-2015-8705 is classified as a denial of service vulnerability due to its potential to crash the BIND daemon.

Vulnerability/
CVE-2015-8705

high

CWE

20/1/2016

6/8/2024

CVE-2015-8705: Input Validation

First published: Wed Jan 20 2016(Updated: )

buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
BIND 9	=9.0
BIND 9	=9.0.1
BIND 9	=9.1
BIND 9	=9.1.1
BIND 9	=9.1.2
BIND 9	=9.1.3
BIND 9	=9.2
BIND 9	=9.2.0
BIND 9	=9.2.1
BIND 9	=9.2.2
BIND 9	=9.2.2-p3
BIND 9	=9.2.3
BIND 9	=9.2.4
BIND 9	=9.2.5
BIND 9	=9.2.6
BIND 9	=9.2.7
BIND 9	=9.3
BIND 9	=9.3.0
BIND 9	=9.3.1
BIND 9	=9.3.2
BIND 9	=9.3.3
BIND 9	=9.4
BIND 9	=9.4.0
BIND 9	=9.4.0-rc1
BIND 9	=9.4.1
BIND 9	=9.4.2
BIND 9	=9.4.3
BIND 9	=9.4.3-rc1
BIND 9	=9.5
BIND 9	=9.5.0
BIND 9	=9.5.0-rc1
BIND 9	=9.5.1
BIND 9	=9.5.1-rc1
BIND 9	=9.5.1-rc2
BIND 9	=9.5.2
BIND 9	=9.5.2-rc1
BIND 9	=9.5.3
BIND 9	=9.5.3-rc1
BIND 9	=9.6
BIND 9	=9.6-r5_p1
BIND 9	=9.6-r6_b1
BIND 9	=9.6-r6_rc1
BIND 9	=9.6-r6_rc2
BIND 9	=9.6-r7_p1
BIND 9	=9.6-r7_p2
BIND 9	=9.9.8-p2
BIND 9	=9.10.1
BIND 9	=9.10.1-p1
BIND 9	=9.10.2
BIND 9	=9.10.2-b1
BIND 9	=9.10.2-p1
BIND 9	=9.10.2-p2
BIND 9	=9.10.2-p3
BIND 9	=9.10.2-p4
BIND 9	=9.10.2-rc1
BIND 9	=9.10.3
BIND 9	=9.10.3-p1
BIND 9	=9.10.3-p2
BIND 9	=9.10.3-rc1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-8705?
CVE-2015-8705 has a severity rating that indicates it can lead to denial of service due to assertion failure or daemon crash when debug logging is enabled.
How do I fix CVE-2015-8705?
To fix CVE-2015-8705, upgrade ISC BIND to version 9.10.3-P3 or later where the vulnerability is resolved.
What can be exploited in CVE-2015-8705?
CVE-2015-8705 can be exploited through crafted OPT data or ECS options which may trigger assertion failures.
Who is impacted by CVE-2015-8705?
Organizations using ISC BIND versions 9.10.x before 9.10.3-P3 with debug logging enabled are impacted by CVE-2015-8705.
What type of vulnerability is CVE-2015-8705?
CVE-2015-8705 is classified as a denial of service vulnerability due to its potential to crash the BIND daemon.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/isc
canonical/bind 9
version/bind 9/9.0
version/bind 9/9.0.1
version/bind 9/9.1
version/bind 9/9.1.1
version/bind 9/9.1.2
version/bind 9/9.1.3
version/bind 9/9.2
version/bind 9/9.2.0
version/bind 9/9.2.1
version/bind 9/9.2.2
version/bind 9/9.2.2-p3
version/bind 9/9.2.3
version/bind 9/9.2.4
version/bind 9/9.2.5
version/bind 9/9.2.6
version/bind 9/9.2.7
version/bind 9/9.3
version/bind 9/9.3.0
version/bind 9/9.3.1
version/bind 9/9.3.2
version/bind 9/9.3.3
version/bind 9/9.4
version/bind 9/9.4.0
version/bind 9/9.4.0-rc1
version/bind 9/9.4.1
version/bind 9/9.4.2
version/bind 9/9.4.3
version/bind 9/9.4.3-rc1
version/bind 9/9.5
version/bind 9/9.5.0
version/bind 9/9.5.0-rc1
version/bind 9/9.5.1
version/bind 9/9.5.1-rc1
version/bind 9/9.5.1-rc2
version/bind 9/9.5.2
version/bind 9/9.5.2-rc1
version/bind 9/9.5.3
version/bind 9/9.5.3-rc1
version/bind 9/9.6
version/bind 9/9.6-r5_p1
version/bind 9/9.6-r6_b1
version/bind 9/9.6-r6_rc1
version/bind 9/9.6-r6_rc2
version/bind 9/9.6-r7_p1
version/bind 9/9.6-r7_p2
version/bind 9/9.9.8-p2
version/bind 9/9.10.1
version/bind 9/9.10.1-p1
version/bind 9/9.10.2
version/bind 9/9.10.2-b1
version/bind 9/9.10.2-p1
version/bind 9/9.10.2-p2
version/bind 9/9.10.2-p3
version/bind 9/9.10.2-p4
version/bind 9/9.10.2-rc1
version/bind 9/9.10.3
version/bind 9/9.10.3-p1
version/bind 9/9.10.3-p2
version/bind 9/9.10.3-rc1

Frequently Asked Questions

What is the severity of CVE-2015-8705?
CVE-2015-8705 has a severity rating that indicates it can lead to denial of service due to assertion failure or daemon crash when debug logging is enabled.
How do I fix CVE-2015-8705?
To fix CVE-2015-8705, upgrade ISC BIND to version 9.10.3-P3 or later where the vulnerability is resolved.
What can be exploited in CVE-2015-8705?
CVE-2015-8705 can be exploited through crafted OPT data or ECS options which may trigger assertion failures.
Who is impacted by CVE-2015-8705?
Organizations using ISC BIND versions 9.10.x before 9.10.3-P3 with debug logging enabled are impacted by CVE-2015-8705.
What type of vulnerability is CVE-2015-8705?
CVE-2015-8705 is classified as a denial of service vulnerability due to its potential to crash the BIND daemon.

CVE-2015-8705: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-8705?

How do I fix CVE-2015-8705?

What can be exploited in CVE-2015-8705?

Who is impacted by CVE-2015-8705?

What type of vulnerability is CVE-2015-8705?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-8705?

How do I fix CVE-2015-8705?

What can be exploited in CVE-2015-8705?

Who is impacted by CVE-2015-8705?

What type of vulnerability is CVE-2015-8705?