CVE-2016-2776: Input Validation

First published: Wed Sep 28 2016(Updated: )

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Oracle Linux	=5.0
Oracle Linux	=6
Oracle Linux	=7
Oracle VM Server	=3.2
Oracle VM Server	=3.3
Oracle VM Server	=3.4
ISC BIND	<=9.9.9
ISC BIND	=9.10.0
ISC BIND	=9.10.0-a1
ISC BIND	=9.10.0-a2
ISC BIND	=9.10.0-b1
ISC BIND	=9.10.0-b2
ISC BIND	=9.10.0-p1
ISC BIND	=9.10.0-p2
ISC BIND	=9.10.0-rc1
ISC BIND	=9.10.0-rc2
ISC BIND	=9.10.1
ISC BIND	=9.10.1-b1
ISC BIND	=9.10.1-b2
ISC BIND	=9.10.1-p1
ISC BIND	=9.10.1-p2
ISC BIND	=9.10.1-rc1
ISC BIND	=9.10.1-rc2
ISC BIND	=9.10.2-b1
ISC BIND	=9.10.2-p1
ISC BIND	=9.10.2-p2
ISC BIND	=9.10.2-p3
ISC BIND	=9.10.2-p4
ISC BIND	=9.10.2-rc1
ISC BIND	=9.10.2-rc2
ISC BIND	=9.10.3
ISC BIND	=9.10.3-b1
ISC BIND	=9.10.3-p1
ISC BIND	=9.10.3-p2
ISC BIND	=9.10.3-p3
ISC BIND	=9.10.3-p4
ISC BIND	=9.10.3-rc1
ISC BIND	=9.10.4-p2
ISC BIND	=9.10.4-p3
ISC BIND	=9.11.0-a1
ISC BIND	=9.11.0-a2
ISC BIND	=9.11.0-a3
ISC BIND	=9.11.0-b1
ISC BIND	=9.11.0-b2
ISC BIND	=9.11.0-b3
ISC BIND	=9.11.0-rc1
HP HP-UX	=11.31
Oracle Solaris	=10.0
Oracle Solaris	=11.3

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/severity
agent/weakness
agent/author
agent/type
agent/event
agent/references
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/oracle
canonical/oracle linux
version/oracle linux/5.0
version/oracle linux/6
version/oracle linux/7
canonical/oracle vm server
version/oracle vm server/3.2
version/oracle vm server/3.3
version/oracle vm server/3.4
vendor/isc
canonical/isc bind
version/isc bind/9.9.9
version/isc bind/9.10.0
version/isc bind/9.10.0-a1
version/isc bind/9.10.0-a2
version/isc bind/9.10.0-b1
version/isc bind/9.10.0-b2
version/isc bind/9.10.0-p1
version/isc bind/9.10.0-p2
version/isc bind/9.10.0-rc1
version/isc bind/9.10.0-rc2
version/isc bind/9.10.1
version/isc bind/9.10.1-b1
version/isc bind/9.10.1-b2
version/isc bind/9.10.1-p1
version/isc bind/9.10.1-p2
version/isc bind/9.10.1-rc1
version/isc bind/9.10.1-rc2
version/isc bind/9.10.2-b1
version/isc bind/9.10.2-p1
version/isc bind/9.10.2-p2
version/isc bind/9.10.2-p3
version/isc bind/9.10.2-p4
version/isc bind/9.10.2-rc1
version/isc bind/9.10.2-rc2
version/isc bind/9.10.3
version/isc bind/9.10.3-b1
version/isc bind/9.10.3-p1
version/isc bind/9.10.3-p2
version/isc bind/9.10.3-p3
version/isc bind/9.10.3-p4
version/isc bind/9.10.3-rc1
version/isc bind/9.10.4-p2
version/isc bind/9.10.4-p3
version/isc bind/9.11.0-a1
version/isc bind/9.11.0-a2
version/isc bind/9.11.0-a3
version/isc bind/9.11.0-b1
version/isc bind/9.11.0-b2
version/isc bind/9.11.0-b3
version/isc bind/9.11.0-rc1
vendor/hp
canonical/hp hp-ux
version/hp hp-ux/11.31
canonical/oracle solaris
version/oracle solaris/10.0
version/oracle solaris/11.3

CVE-2016-2776: Input Validation

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact