CVE-2016-8864

EPSS 43.01%
Veröffentlicht 02.11.2016 17:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 20

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Isc ≫ Bind Version >= 9.0.0 < 9.9.9

Isc ≫ Bind Version >= 9.10.0 < 9.10.4

Isc ≫ Bind Version9.9.9 Update-

Isc ≫ Bind Version9.9.9 Updatebeta1

Isc ≫ Bind Version9.9.9 Updatebeta2

Isc ≫ Bind Version9.9.9 Updatep1

Isc ≫ Bind Version9.9.9 Updatep2

Isc ≫ Bind Version9.9.9 Updatep3

Isc ≫ Bind Version9.10.4 Update-

Isc ≫ Bind Version9.10.4 Updatebeta1

Isc ≫ Bind Version9.10.4 Updatebeta2

Isc ≫ Bind Version9.10.4 Updatebeta3

Isc ≫ Bind Version9.10.4 Updatep1

Isc ≫ Bind Version9.10.4 Updatep2

Isc ≫ Bind Version9.10.4 Updatep3

Isc ≫ Bind Version9.11.0 Update-

Isc ≫ Bind Version9.11.0 Updatealpha1

Isc ≫ Bind Version9.11.0 Updatealpha2

Isc ≫ Bind Version9.11.0 Updatealpha3

Isc ≫ Bind Version9.11.0 Updatebeta1

Isc ≫ Bind Version9.11.0 Updatebeta2

Isc ≫ Bind Version9.11.0 Updatebeta3

Netapp ≫ Data Ontap Edge Version-

Netapp ≫ Solidfire Version-

Netapp ≫ Steelstore Cloud Integrated Storage Version-

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux Eus Version6.7

Redhat ≫ Enterprise Linux Eus Version7.2

Redhat ≫ Enterprise Linux Eus Version7.3

Redhat ≫ Enterprise Linux Eus Version7.4

Redhat ≫ Enterprise Linux Eus Version7.5

Redhat ≫ Enterprise Linux Eus Version7.6

Redhat ≫ Enterprise Linux Eus Version7.7

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version6.2

Redhat ≫ Enterprise Linux Server Aus Version6.4

Redhat ≫ Enterprise Linux Server Aus Version6.5

Redhat ≫ Enterprise Linux Server Aus Version6.6

Redhat ≫ Enterprise Linux Server Aus Version7.2

Redhat ≫ Enterprise Linux Server Aus Version7.3

Redhat ≫ Enterprise Linux Server Aus Version7.4

Redhat ≫ Enterprise Linux Server Aus Version7.6

Redhat ≫ Enterprise Linux Server Aus Version7.7

Redhat ≫ Enterprise Linux Server Tus Version6.5

Redhat ≫ Enterprise Linux Server Tus Version6.6

Redhat ≫ Enterprise Linux Server Tus Version7.2

Redhat ≫ Enterprise Linux Server Tus Version7.3

Redhat ≫ Enterprise Linux Server Tus Version7.6

Redhat ≫ Enterprise Linux Server Tus Version7.7

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Redhat ≫ Enterprise Linux Workstation Version7.0

Debian ≫ Debian Linux Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	43.01%	0.974

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://kb.isc.org/article/AA-01438

Broken Link

https://kb.isc.org/article/AA-01435

Broken Link

https://kb.isc.org/article/AA-01436

Broken Link

https://security.netapp.com/advisory/ntap-20180926-0005/

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2141.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2142.html

Third Party Advisory