7.5
CVE-2016-2848
- EPSS 25.77%
- Veröffentlicht 21.10.2016 10:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 25.77% | 0.977 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://rhn.redhat.com/errata/RHSA-2016-2099.html
http://rhn.redhat.com/errata/RHSA-2016-2093.html
http://rhn.redhat.com/errata/RHSA-2016-2094.html
http://www.securityfocus.com/bid/93809
http://www.securityfocus.com/bid/93814
http://www.securitytracker.com/id/1037073
https://bugzilla.redhat.com/show_bug.cgi?id=1385450
https://kb.isc.org/article/AA-01433/74/CVE-2016-2848
https://security.netapp.com/advisory/ntap-20180926-0002/
https://security.netapp.com/advisory/ntap-20180926-0005/
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git%3Ba=commit%3Bh=4adf97c32fcca7d00e5756607fd045f2aab9c3d4