7.5

CVE-2016-8864

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version >= 9.0.0 < 9.9.9
IscBind Version >= 9.10.0 < 9.10.4
IscBind Version9.9.9 Update-
IscBind Version9.9.9 Updatebeta1
IscBind Version9.9.9 Updatebeta2
IscBind Version9.9.9 Updatep1
IscBind Version9.9.9 Updatep2
IscBind Version9.9.9 Updatep3
IscBind Version9.10.4 Update-
IscBind Version9.10.4 Updatebeta1
IscBind Version9.10.4 Updatebeta2
IscBind Version9.10.4 Updatebeta3
IscBind Version9.10.4 Updatep1
IscBind Version9.10.4 Updatep2
IscBind Version9.10.4 Updatep3
IscBind Version9.11.0 Update-
IscBind Version9.11.0 Updatealpha1
IscBind Version9.11.0 Updatealpha2
IscBind Version9.11.0 Updatealpha3
IscBind Version9.11.0 Updatebeta1
IscBind Version9.11.0 Updatebeta2
IscBind Version9.11.0 Updatebeta3
NetappData Ontap Edge Version-
NetappSolidfire Version-
RedhatEnterprise Linux Eus Version6.7
RedhatEnterprise Linux Eus Version7.2
RedhatEnterprise Linux Eus Version7.3
RedhatEnterprise Linux Eus Version7.4
RedhatEnterprise Linux Eus Version7.5
RedhatEnterprise Linux Eus Version7.6
RedhatEnterprise Linux Eus Version7.7
DebianDebian Linux Version8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 38.73% 0.984
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://kb.isc.org/article/AA-01438
Broken Link
https://kb.isc.org/article/AA-01435
Broken Link
https://kb.isc.org/article/AA-01436
Broken Link
https://security.netapp.com/advisory/ntap-20180926-0005/
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2141.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2142.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2615.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2871.html
Third Party Advisory
http://www.debian.org/security/2016/dsa-3703
Third Party Advisory
http://www.securityfocus.com/bid/94067
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037156
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:1583
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687
Third Party Advisory
https://kb.isc.org/article/AA-01434
Vendor Advisory
https://kb.isc.org/article/AA-01437
Broken Link
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:34.bind.asc
Third Party Advisory
https://security.gentoo.org/glsa/201701-26
Third Party Advisory