ID CVE-2016-8864
Summary named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
References
Vulnerable Configurations
  • ISC BIND 9.0
    cpe:2.3:a:isc:bind:9.0
  • ISC BIND 9.0.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.0:rc1
  • ISC BIND 9.0.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.0:rc2
  • ISC BIND 9.0.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.0.0:rc3
  • ISC BIND 9.0.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.0.0:rc4
  • ISC BIND 9.0.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.0.0:rc5
  • ISC BIND 9.0.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.0.0:rc6
  • ISC BIND 9.0.1
    cpe:2.3:a:isc:bind:9.0.1
  • ISC BIND 9.0.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.1:rc1
  • ISC BIND 9.0.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.1:rc2
  • ISC BIND 9.1
    cpe:2.3:a:isc:bind:9.1
  • ISC BIND 9.1.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.0:rc1
  • ISC BIND 9.1.1
    cpe:2.3:a:isc:bind:9.1.1
  • ISC BIND 9.1.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.1:rc1
  • ISC BIND 9.1.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.1:rc2
  • ISC BIND 9.1.1 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.1:rc3
  • ISC BIND 9.1.1 Release Candidate 4
    cpe:2.3:a:isc:bind:9.1.1:rc4
  • ISC BIND 9.1.1 Release Candidate 5
    cpe:2.3:a:isc:bind:9.1.1:rc5
  • ISC BIND 9.1.1 Release Candidate 6
    cpe:2.3:a:isc:bind:9.1.1:rc6
  • ISC BIND 9.1.1 Release Candidate 7
    cpe:2.3:a:isc:bind:9.1.1:rc7
  • ISC BIND 9.1.2
    cpe:2.3:a:isc:bind:9.1.2
  • ISC BIND 9.1.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.2:rc1
  • ISC BIND 9.1.3
    cpe:2.3:a:isc:bind:9.1.3
  • ISC BIND 9.1.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.3:rc1
  • ISC BIND 9.1.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.3:rc2
  • ISC BIND 9.1.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.3:rc3
  • ISC BIND 9.2.0
    cpe:2.3:a:isc:bind:9.2.0
  • ISC BIND 9.2.0 Alpha 1
    cpe:2.3:a:isc:bind:9.2.0:a1
  • ISC BIND 9.2.0 Alpha 2
    cpe:2.3:a:isc:bind:9.2.0:a2
  • ISC BIND 9.2.0 Alpha 3
    cpe:2.3:a:isc:bind:9.2.0:a3
  • ISC BIND 9.2.0 Beta 1
    cpe:2.3:a:isc:bind:9.2.0:b1
  • ISC BIND 9.2.0 Beta 2
    cpe:2.3:a:isc:bind:9.2.0:b2
  • ISC BIND 9.2.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.0:rc1
  • ISC BIND 9.2.0 Release Candidate 10
    cpe:2.3:a:isc:bind:9.2.0:rc10
  • ISC BIND 9.2.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.0:rc2
  • ISC BIND 9.2.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.0:rc3
  • ISC BIND 9.2.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.0:rc4
  • ISC BIND 9.2.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.0:rc5
  • ISC BIND 9.2.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.0:rc6
  • ISC BIND 9.2.0 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.0:rc7
  • ISC BIND 9.2.0 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.0:rc8
  • ISC BIND 9.2.0 Release Candidate 9
    cpe:2.3:a:isc:bind:9.2.0:rc9
  • ISC BIND 9.2.1
    cpe:2.3:a:isc:bind:9.2.1
  • ISC BIND 9.2.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.1:rc1
  • ISC BIND 9.2.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.1:rc2
  • ISC BIND 9.2.2
    cpe:2.3:a:isc:bind:9.2.2
  • ISC BIND 9.2.2 Patch 2
    cpe:2.3:a:isc:bind:9.2.2:p2
  • ISC BIND 9.2.2 P3
    cpe:2.3:a:isc:bind:9.2.2:p3
  • ISC BIND 9.2.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.2:rc1
  • ISC BIND 9.2.3
    cpe:2.3:a:isc:bind:9.2.3
  • ISC BIND 9.2.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.3:rc1
  • ISC BIND 9.2.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.3:rc2
  • ISC BIND 9.2.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.3:rc3
  • ISC BIND 9.2.3 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.3:rc4
  • ISC BIND 9.2.4
    cpe:2.3:a:isc:bind:9.2.4
  • ISC BIND 9.2.4 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.4:rc2
  • ISC BIND 9.2.4 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.4:rc3
  • ISC BIND 9.2.4 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.4:rc4
  • ISC BIND 9.2.4 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.4:rc5
  • ISC BIND 9.2.4 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.4:rc6
  • ISC BIND 9.2.4 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.4:rc7
  • ISC BIND 9.2.4 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.4:rc8
  • ISC BIND 9.2.5
    cpe:2.3:a:isc:bind:9.2.5
  • ISC BIND 9.2.5 Beta 2
    cpe:2.3:a:isc:bind:9.2.5:b2
  • ISC BIND 9.2.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.5:rc1
  • ISC BIND 9.2.6
    cpe:2.3:a:isc:bind:9.2.6
  • ISC BIND 9.2.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.6:rc1
  • ISC BIND 9.2.7
    cpe:2.3:a:isc:bind:9.2.7
  • ISC BIND 9.2.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.7:rc1
  • ISC BIND 9.2.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.7:rc2
  • ISC BIND 9.2.7 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.7:rc3
  • ISC BIND 9.2.8
    cpe:2.3:a:isc:bind:9.2.8
  • ISC BIND 9.2.9
    cpe:2.3:a:isc:bind:9.2.9
  • ISC BIND 9.2.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.9:rc1
  • ISC BIND 9.3
    cpe:2.3:a:isc:bind:9.3
  • ISC BIND 9.3.0
    cpe:2.3:a:isc:bind:9.3.0
  • ISC BIND 9.3.0 Beta 2
    cpe:2.3:a:isc:bind:9.3.0:b2
  • ISC BIND 9.3.0 Beta 3
    cpe:2.3:a:isc:bind:9.3.0:b3
  • ISC BIND 9.3.0 Beta 4
    cpe:2.3:a:isc:bind:9.3.0:b4
  • ISC BIND 9.3.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.0:rc1
  • ISC BIND 9.3.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.0:rc2
  • ISC BIND 9.3.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.0:rc3
  • ISC BIND 9.3.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.3.0:rc4
  • ISC BIND 9.3.1
    cpe:2.3:a:isc:bind:9.3.1
  • ISC BIND 9.3.1 Beta 2
    cpe:2.3:a:isc:bind:9.3.1:b2
  • ISC BIND 9.3.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.1:rc1
  • ISC BIND 9.3.2
    cpe:2.3:a:isc:bind:9.3.2
  • ISC BIND 9.3.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.2:rc1
  • ISC BIND 9.3.3
    cpe:2.3:a:isc:bind:9.3.3
  • ISC BIND 9.3.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.3:rc1
  • ISC BIND 9.3.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.3:rc2
  • ISC BIND 9.3.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.3:rc3
  • ISC BIND 9.3.4
    cpe:2.3:a:isc:bind:9.3.4
  • ISC BIND 9.3.5
    cpe:2.3:a:isc:bind:9.3.5
  • ISC BIND 9.3.5 Patch 2 W1
    cpe:2.3:a:isc:bind:9.3.5:p2_w1
  • ISC BIND 9.3.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.5:rc1
  • ISC BIND 9.3.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.5:rc2
  • cpe:2.3:a:isc:bind:9.3.5-p2
    cpe:2.3:a:isc:bind:9.3.5-p2
  • ISC BIND 9.3.6
    cpe:2.3:a:isc:bind:9.3.6
  • ISC BIND 9.3.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.6:rc1
  • ISC BIND 9.4
    cpe:2.3:a:isc:bind:9.4
  • ISC BIND 9.4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:-:-:-:esv
  • ISC BIND 9.4 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:b1:-:-:esv
  • ISC BIND 9.4 Release 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r1:-:-:esv
  • ISC BIND 9.4 Release 2 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r2:-:-:esv
  • ISC BIND 9.4 Release 3 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r3:-:-:esv
  • ISC BIND 9.4 Release 4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4:-:-:esv
  • ISC BIND 9.4 Release 4 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5:-:-:esv
  • ISC BIND 9.4 Release 5 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-b1:-:-:esv
  • ISC BIND 9.4 Release 5 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Release Candidate 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-rc1:-:-:esv
  • ISC BIND 9.4.0
    cpe:2.3:a:isc:bind:9.4.0
  • ISC BIND 9.4.0 Alpha 1
    cpe:2.3:a:isc:bind:9.4.0:a1
  • ISC BIND 9.4.0 Alpha 2
    cpe:2.3:a:isc:bind:9.4.0:a2
  • ISC BIND 9.4.0 Alpha 3
    cpe:2.3:a:isc:bind:9.4.0:a3
  • ISC BIND 9.4.0 Alpha 4
    cpe:2.3:a:isc:bind:9.4.0:a4
  • ISC BIND 9.4.0 Alpha 5
    cpe:2.3:a:isc:bind:9.4.0:a5
  • ISC BIND 9.4.0 Alpha 6
    cpe:2.3:a:isc:bind:9.4.0:a6
  • ISC BIND 9.4.0 Beta 1
    cpe:2.3:a:isc:bind:9.4.0:b1
  • ISC BIND 9.4.0 Beta 2
    cpe:2.3:a:isc:bind:9.4.0:b2
  • ISC BIND 9.4.0 Beta 3
    cpe:2.3:a:isc:bind:9.4.0:b3
  • ISC BIND 9.4.0 Beta 4
    cpe:2.3:a:isc:bind:9.4.0:b4
  • ISC BIND 9.4.0rc1
    cpe:2.3:a:isc:bind:9.4.0:rc1
  • ISC BIND 9.4.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.0:rc2
  • ISC BIND 9.4.1
    cpe:2.3:a:isc:bind:9.4.1
  • cpe:2.3:a:isc:bind:9.4.1p1
    cpe:2.3:a:isc:bind:9.4.1p1
  • ISC BIND 9.4.2
    cpe:2.3:a:isc:bind:9.4.2
  • ISC BIND 9.4.2 Patch 2 W1
    cpe:2.3:a:isc:bind:9.4.2:p2_w1
  • ISC BIND 9.4.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.4.2:rc1
  • ISC BIND 9.4.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.2:rc2
  • ISC BIND 9.4.3
    cpe:2.3:a:isc:bind:9.4.3
  • ISC BIND 9.4.3 Beta 1
    cpe:2.3:a:isc:bind:9.4.3:b1
  • ISC BIND 9.4.3 Beta 2
    cpe:2.3:a:isc:bind:9.4.3:b2
  • ISC BIND 9.4.3 Beta 3
    cpe:2.3:a:isc:bind:9.4.3:b3
  • ISC BIND 9.4.3 Patch 1
    cpe:2.3:a:isc:bind:9.4.3:p1
  • ISC BIND 9.4.3 Patch 2
    cpe:2.3:a:isc:bind:9.4.3:p2
  • ISC BIND 9.4.3 Patch 3
    cpe:2.3:a:isc:bind:9.4.3:p3
  • ISC BIND 9.4.3 Patch 4
    cpe:2.3:a:isc:bind:9.4.3:p4
  • ISC BIND 9.4.3 Patch 5
    cpe:2.3:a:isc:bind:9.4.3:p5
  • ISC BIND 9.4.3 rc1
    cpe:2.3:a:isc:bind:9.4.3:rc1
  • ISC BIND 9.5
    cpe:2.3:a:isc:bind:9.5
  • ISC BIND 9.5.0
    cpe:2.3:a:isc:bind:9.5.0
  • ISC BIND 9.5.0 Alpha 1
    cpe:2.3:a:isc:bind:9.5.0:a1
  • ISC BIND 9.5.0 Alpha 2
    cpe:2.3:a:isc:bind:9.5.0:a2
  • ISC BIND 9.5.0 Alpha 3
    cpe:2.3:a:isc:bind:9.5.0:a3
  • ISC BIND 9.5.0 Alpha 4
    cpe:2.3:a:isc:bind:9.5.0:a4
  • ISC BIND 9.5.0 Alpha 5
    cpe:2.3:a:isc:bind:9.5.0:a5
  • ISC BIND 9.5.0 Alpha 6
    cpe:2.3:a:isc:bind:9.5.0:a6
  • ISC BIND 9.5.0 Alpha 7
    cpe:2.3:a:isc:bind:9.5.0:a7
  • ISC BIND 9.5.0 Beta 1
    cpe:2.3:a:isc:bind:9.5.0:b1
  • ISC BIND 9.5.0 Beta 2
    cpe:2.3:a:isc:bind:9.5.0:b2
  • ISC BIND 9.5.0 Beta 3
    cpe:2.3:a:isc:bind:9.5.0:b3
  • ISC BIND 9.5.0 Patch 1
    cpe:2.3:a:isc:bind:9.5.0:p1
  • ISC BIND 9.5.0 Patch 2
    cpe:2.3:a:isc:bind:9.5.0:p2
  • ISC BIND 9.5.0 Patch 2 W1
    cpe:2.3:a:isc:bind:9.5.0:p2_w1
  • ISC BIND 9.5.0 Patch 2 W2
    cpe:2.3:a:isc:bind:9.5.0:p2_w2
  • ISC BIND 9.5.0 rc1
    cpe:2.3:a:isc:bind:9.5.0:rc1
  • ISC BIND 9.5.1
    cpe:2.3:a:isc:bind:9.5.1
  • ISC BIND 9.5.1 Beta 1
    cpe:2.3:a:isc:bind:9.5.1:b1
  • ISC BIND 9.5.1 Beta 2
    cpe:2.3:a:isc:bind:9.5.1:b2
  • ISC BIND 9.5.1 Beta 3
    cpe:2.3:a:isc:bind:9.5.1:b3
  • ISC BIND 9.5.1 rc1
    cpe:2.3:a:isc:bind:9.5.1:rc1
  • ISC BIND 9.5.1 rc2
    cpe:2.3:a:isc:bind:9.5.1:rc2
  • ISC BIND 9.5.2
    cpe:2.3:a:isc:bind:9.5.2
  • ISC BIND 9.5.2 Beta 1
    cpe:2.3:a:isc:bind:9.5.2:b1
  • ISC BIND 9.5.2 Patch 1
    cpe:2.3:a:isc:bind:9.5.2:p1
  • ISC BIND 9.5.2 Patch 2
    cpe:2.3:a:isc:bind:9.5.2:p2
  • ISC BIND 9.5.2 Patch 3
    cpe:2.3:a:isc:bind:9.5.2:p3
  • ISC BIND 9.5.2 Patch 4
    cpe:2.3:a:isc:bind:9.5.2:p4
  • ISC BIND 9.5.2 release candidate 1
    cpe:2.3:a:isc:bind:9.5.2:rc1
  • ISC BIND 9.5.3 Beta 1
    cpe:2.3:a:isc:bind:9.5.3:b1
  • ISC BIND 9.5.3 release candidate 1
    cpe:2.3:a:isc:bind:9.5.3:rc1
  • ISC BIND 9.6 Extended Support Version
    cpe:2.3:a:isc:bind:9.6:-:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 1
    cpe:2.3:a:isc:bind:9.6:r1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 2
    cpe:2.3:a:isc:bind:9.6:r2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 3
    cpe:2.3:a:isc:bind:9.6:r3:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4
    cpe:2.3:a:isc:bind:9.6:r4:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4 Patch 1
    cpe:2.3:a:isc:bind:9.6:r4_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5
    cpe:2.3:a:isc:bind:9.6:r5:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Beta 1
    cpe:2.3:a:isc:bind:9.6:r5_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Patch 1
    cpe:2.3:a:isc:bind:9.6:r5_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6
    cpe:2.3:a:isc:bind:9.6:r6:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Beta 1
    cpe:2.3:a:isc:bind:9.6:r6_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6:r6_rc1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.6:r6_rc2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7
    cpe:2.3:a:isc:bind:9.6:r7:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 1
    cpe:2.3:a:isc:bind:9.6:r7_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 2
    cpe:2.3:a:isc:bind:9.6:r7_p2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9
    cpe:2.3:a:isc:bind:9.6:r9:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9 Patch 1
    cpe:2.3:a:isc:bind:9.6:r9_p1:-:-:esv
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6.0 Alpha 1
    cpe:2.3:a:isc:bind:9.6.0:a1
  • ISC BIND 9.6.0 Beta 1
    cpe:2.3:a:isc:bind:9.6.0:b1
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.1 Beta 1
    cpe:2.3:a:isc:bind:9.6.1:b1
  • ISC BIND 9.6.1 P1
    cpe:2.3:a:isc:bind:9.6.1:p1
  • ISC BIND 9.6.1 P2
    cpe:2.3:a:isc:bind:9.6.1:p2
  • ISC BIND 9.6.1 P3
    cpe:2.3:a:isc:bind:9.6.1:p3
  • ISC BIND 9.6.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.1:rc1
  • ISC BIND 9.6.2
    cpe:2.3:a:isc:bind:9.6.2
  • ISC BIND 9.6.2 Beta 1
    cpe:2.3:a:isc:bind:9.6.2:b1
  • ISC BIND 9.6.2 Patch 1
    cpe:2.3:a:isc:bind:9.6.2:p1
  • ISC BIND 9.6.2 Patch 2
    cpe:2.3:a:isc:bind:9.6.2:p2
  • ISC BIND 9.6.2 Patch 3
    cpe:2.3:a:isc:bind:9.6.2:p3
  • ISC BIND 9.6.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.2:rc1
  • ISC BIND 9.6.3
    cpe:2.3:a:isc:bind:9.6.3
  • ISC BIND 9.6.3 Beta 1
    cpe:2.3:a:isc:bind:9.6.3:b1
  • ISC BIND 9.6.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.3:rc1
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.7.0 Alpha 1
    cpe:2.3:a:isc:bind:9.7.0:a1
  • ISC BIND 9.7.0 Alpha 2
    cpe:2.3:a:isc:bind:9.7.0:a2
  • ISC BIND 9.7.0 Alpha 3
    cpe:2.3:a:isc:bind:9.7.0:a3
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 Beta 2
    cpe:2.3:a:isc:bind:9.7.0:b2
  • ISC BIND 9.7.0 Beta 3
    cpe:2.3:a:isc:bind:9.7.0:b3
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.1 Beta 1
    cpe:2.3:a:isc:bind:9.7.1:b1
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • cpe:2.3:a:isc:bind:9.7.2b1
    cpe:2.3:a:isc:bind:9.7.2b1
  • cpe:2.3:a:isc:bind:9.7.2rc1
    cpe:2.3:a:isc:bind:9.7.2rc1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.7.4
    cpe:2.3:a:isc:bind:9.7.4
  • ISC BIND 9.7.4 B1
    cpe:2.3:a:isc:bind:9.7.4:b1
  • ISC BIND 9.7.4P1
    cpe:2.3:a:isc:bind:9.7.4:p1
  • ISC BIND 9.7.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.4:rc1
  • ISC BIND 9.7.5
    cpe:2.3:a:isc:bind:9.7.5
  • ISC BIND 9.7.5 B1
    cpe:2.3:a:isc:bind:9.7.5:b1
  • ISC BIND 9.7.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.5:rc1
  • ISC BIND 9.7.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.5:rc2
  • ISC BIND 9.7.6
    cpe:2.3:a:isc:bind:9.7.6
  • ISC BIND 9.7.6-p1
    cpe:2.3:a:isc:bind:9.7.6:p1
  • ISC BIND 9.7.6-p2
    cpe:2.3:a:isc:bind:9.7.6:p2
  • ISC BIND 9.7.6 Patch 3
    cpe:2.3:a:isc:bind:9.7.6:p3
  • ISC BIND 9.7.6 Patch 4
    cpe:2.3:a:isc:bind:9.7.6:p4
  • ISC BIND 9.7.7
    cpe:2.3:a:isc:bind:9.7.7
  • ISC BIND 9.8.0
    cpe:2.3:a:isc:bind:9.8.0
  • ISC BIND 9.8.0 A1
    cpe:2.3:a:isc:bind:9.8.0:a1
  • ISC BIND 9.8.0 B1
    cpe:2.3:a:isc:bind:9.8.0:b1
  • ISC BIND 9.8.0 P1
    cpe:2.3:a:isc:bind:9.8.0:p1
  • ISC BIND 9.8.0 P2
    cpe:2.3:a:isc:bind:9.8.0:p2
  • ISC BIND 9.8.0-P4
    cpe:2.3:a:isc:bind:9.8.0:p4
  • ISC BIND 9.8.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.0:rc1
  • ISC BIND 9.8.1
    cpe:2.3:a:isc:bind:9.8.1
  • ISC BIND 9.8.1 B1
    cpe:2.3:a:isc:bind:9.8.1:b1
  • ISC BIND 9.8.1 B2
    cpe:2.3:a:isc:bind:9.8.1:b2
  • ISC BIND 9.8.1 B3
    cpe:2.3:a:isc:bind:9.8.1:b3
  • ISC BIND 9.8.1-P1
    cpe:2.3:a:isc:bind:9.8.1:p1
  • ISC BIND 9.8.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.1:rc1
  • ISC BIND 9.8.2
    cpe:2.3:a:isc:bind:9.8.2
  • ISC BIND 9.8.2 B1
    cpe:2.3:a:isc:bind:9.8.2:b1
  • ISC BIND 9.8.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.2:rc1
  • ISC BIND 9.8.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.8.2:rc2
  • ISC BIND 9.8.3
    cpe:2.3:a:isc:bind:9.8.3
  • ISC BIND 9.8.3-p1
    cpe:2.3:a:isc:bind:9.8.3:p1
  • ISC BIND 9.8.3-p2
    cpe:2.3:a:isc:bind:9.8.3:p2
  • ISC BIND 9.8.3 Patch 3
    cpe:2.3:a:isc:bind:9.8.3:p3
  • ISC BIND 9.8.3 Patch 4
    cpe:2.3:a:isc:bind:9.8.3:p4
  • ISC BIND 9.8.4
    cpe:2.3:a:isc:bind:9.8.4
  • ISC BIND 9.8.5
    cpe:2.3:a:isc:bind:9.8.5
  • ISC BIND 9.8.5 b1
    cpe:2.3:a:isc:bind:9.8.5:b1
  • ISC BIND 9.8.5 b2
    cpe:2.3:a:isc:bind:9.8.5:b2
  • ISC BIND 9.8.5 P1
    cpe:2.3:a:isc:bind:9.8.5:p1
  • ISC BIND 9.8.5 P2
    cpe:2.3:a:isc:bind:9.8.5:p2
  • ISC BIND 9.8.5 release candidate 1
    cpe:2.3:a:isc:bind:9.8.5:rc1
  • ISC BIND 9.8.5 release candidate 2
    cpe:2.3:a:isc:bind:9.8.5:rc2
  • ISC BIND 9.8.6b1
    cpe:2.3:a:isc:bind:9.8.6:b1
  • ISC BIND 9.8.6 release candidate 1
    cpe:2.3:a:isc:bind:9.8.6:rc1
  • ISC BIND 9.8.6 release candidate 2
    cpe:2.3:a:isc:bind:9.8.6:rc2
  • ISC BIND 9.9.0
    cpe:2.3:a:isc:bind:9.9.0
  • ISC BIND 9.9.0a1
    cpe:2.3:a:isc:bind:9.9.0:a1
  • ISC BIND 9.9.0a2
    cpe:2.3:a:isc:bind:9.9.0:a2
  • ISC BIND 9.9.0a3
    cpe:2.3:a:isc:bind:9.9.0:a3
  • ISC BIND 9.9.0b1
    cpe:2.3:a:isc:bind:9.9.0:b1
  • ISC BIND 9.9.0b2
    cpe:2.3:a:isc:bind:9.9.0:b2
  • ISC BIND 9.9.0 release candidate 1
    cpe:2.3:a:isc:bind:9.9.0:rc1
  • ISC BIND 9.9.0 release candidate 2
    cpe:2.3:a:isc:bind:9.9.0:rc2
  • ISC BIND 9.9.0 release candidate 3
    cpe:2.3:a:isc:bind:9.9.0:rc3
  • ISC BIND 9.9.0 release candidate 4
    cpe:2.3:a:isc:bind:9.9.0:rc4
  • ISC BIND 9.9.1
    cpe:2.3:a:isc:bind:9.9.1
  • ISC BIND 9.9.1-p1
    cpe:2.3:a:isc:bind:9.9.1:p1
  • ISC BIND 9.9.1-p2
    cpe:2.3:a:isc:bind:9.9.1:p2
  • ISC BIND 9.9.1 Patch 3
    cpe:2.3:a:isc:bind:9.9.1:p3
  • ISC BIND 9.9.1 Patch 4
    cpe:2.3:a:isc:bind:9.9.1:p4
  • ISC BIND 9.9.2
    cpe:2.3:a:isc:bind:9.9.2
  • ISC BIND 9.9.2 P1
    cpe:2.3:a:isc:bind:9.9.2:p1
  • ISC BIND 9.9.2 P2
    cpe:2.3:a:isc:bind:9.9.2:p2
  • ISC BIND 9.9.3
    cpe:2.3:a:isc:bind:9.9.3
  • ISC BIND 9.9.3 b1
    cpe:2.3:a:isc:bind:9.9.3:b1
  • ISC BIND 9.9.3 b2
    cpe:2.3:a:isc:bind:9.9.3:b2
  • ISC BIND 9.9.3p1
    cpe:2.3:a:isc:bind:9.9.3:p1
  • ISC BIND 9.9.3p2
    cpe:2.3:a:isc:bind:9.9.3:p2
  • ISC BIND 9.9.3 release candidate 1
    cpe:2.3:a:isc:bind:9.9.3:rc1
  • ISC BIND 9.9.3 release candidate 2
    cpe:2.3:a:isc:bind:9.9.3:rc2
  • ISC BIND 9.9.4b1
    cpe:2.3:a:isc:bind:9.9.4:b1
  • ISC BIND 9.9.5
    cpe:2.3:a:isc:bind:9.9.5
  • ISC BIND 9.9.6
    cpe:2.3:a:isc:bind:9.9.6
  • ISC BIND 9.9.6 p1
    cpe:2.3:a:isc:bind:9.9.6:p1
  • ISC BIND 9.9.7 b1
    cpe:2.3:a:isc:bind:9.9.7:b1
  • ISC BIND 9.9.7 Patch 1
    cpe:2.3:a:isc:bind:9.9.7:p1
  • ISC BIND 9.9.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.7:rc1
  • ISC BIND 9.9.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.9.7:rc2
  • ISC BIND 9.9.8
    cpe:2.3:a:isc:bind:9.9.8
  • ISC Bind 9.9.8 Patch 2
    cpe:2.3:a:isc:bind:9.9.8:p2
  • ISC BIND 9.9.8 Patch 3
    cpe:2.3:a:isc:bind:9.9.8:p3
  • ISC BIND 9.9.8 P4
    cpe:2.3:a:isc:bind:9.9.8:p4
  • ISC BIND 9.9.8 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.8:rc1
  • ISC BIND 9.9.8 S1
    cpe:2.3:a:isc:bind:9.9.8:s1
  • ISC BIND 9.9.8 Supported Preview Edition 2
    cpe:2.3:a:isc:bind:9.9.8:s2
  • ISC BIND 9.9.8 Supported Preview Edition 3
    cpe:2.3:a:isc:bind:9.9.8:s3
  • ISC BIND 9.9.8 Supported Preview Edition 4
    cpe:2.3:a:isc:bind:9.9.8:s4
  • ISC BIND 9.9.8 S5
    cpe:2.3:a:isc:bind:9.9.8:s5
  • ISC BIND 9.9.8 S6
    cpe:2.3:a:isc:bind:9.9.8:s6
  • ISC BIND 9.9.9
    cpe:2.3:a:isc:bind:9.9.9
  • ISC BIND 9.9.9 B1
    cpe:2.3:a:isc:bind:9.9.9:b1
  • ISC BIND 9.9.9 B2
    cpe:2.3:a:isc:bind:9.9.9:b2
  • ISC BIND 9.9.9 P1
    cpe:2.3:a:isc:bind:9.9.9:p1
  • ISC BIND 9.9.9 Patch 3
    cpe:2.3:a:isc:bind:9.9.9:p3
  • ISC BIND 9.9.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.9:rc1
  • ISC BIND 9.9.9 S1
    cpe:2.3:a:isc:bind:9.9.9:s1
  • ISC BIND 9.9.9 S1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.9:s1rc1
  • ISC BIND 9.10.0
    cpe:2.3:a:isc:bind:9.10.0
  • ISC BIND 9.10.0 Alpha 1
    cpe:2.3:a:isc:bind:9.10.0:a1
  • ISC BIND 9.10.0 Alpha 2
    cpe:2.3:a:isc:bind:9.10.0:a2
  • ISC BIND 9.10.0 Beta 1
    cpe:2.3:a:isc:bind:9.10.0:b1
  • ISC BIND 9.10.0 Beta 2
    cpe:2.3:a:isc:bind:9.10.0:b2
  • ISC BIND 9.10.0 Patch 1
    cpe:2.3:a:isc:bind:9.10.0:p1
  • ISC BIND 9.10.0 Patch 2
    cpe:2.3:a:isc:bind:9.10.0:p2
  • ISC BIND 9.10.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.0:rc1
  • ISC BIND 9.10.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.0:rc2
  • ISC BIND 9.10.1
    cpe:2.3:a:isc:bind:9.10.1
  • ISC BIND 9.10.1 Beta 1
    cpe:2.3:a:isc:bind:9.10.1:b1
  • ISC BIND 9.10.1 Beta 2
    cpe:2.3:a:isc:bind:9.10.1:b2
  • ISC BIND 9.10.1 p1
    cpe:2.3:a:isc:bind:9.10.1:p1
  • ISC BIND 9.10.1 Patch 2
    cpe:2.3:a:isc:bind:9.10.1:p2
  • ISC BIND 9.10.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.1:rc1
  • ISC BIND 9.10.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.1:rc2
  • ISC BIND 9.10.2 b2
    cpe:2.3:a:isc:bind:9.10.2:b1
  • ISC BIND 9.10.2 P1
    cpe:2.3:a:isc:bind:9.10.2:p1
  • ISC BIND 9.10.2 Patch 2
    cpe:2.3:a:isc:bind:9.10.2:p2
  • ISC BIND 9.10.2 P3
    cpe:2.3:a:isc:bind:9.10.2:p3
  • ISC BIND 9.10.2 P4
    cpe:2.3:a:isc:bind:9.10.2:p4
  • ISC BIND 9.10.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.2:rc1
  • ISC BIND 9.10.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.2:rc2
  • ISC BIND 9.10.3
    cpe:2.3:a:isc:bind:9.10.3
  • ISC BIND 9.10.3 Beta 1
    cpe:2.3:a:isc:bind:9.10.3:b1
  • ISC Bind 9.10.3 Patch 1
    cpe:2.3:a:isc:bind:9.10.3:p1
  • ISC Bind 9.10.3 Patch 2
    cpe:2.3:a:isc:bind:9.10.3:p2
  • ISC BIND 9.10.3 Patch 3
    cpe:2.3:a:isc:bind:9.10.3:p3
  • ISC BIND 9.10.3 P4
    cpe:2.3:a:isc:bind:9.10.3:p4
  • ISC BIND 9.10.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.3:rc1
  • ISC BIND 9.10.4 B2
    cpe:2.3:a:isc:bind:9.10.4:b2
  • ISC BIND 9.10.4 B3
    cpe:2.3:a:isc:bind:9.10.4:b3
  • ISC BIND 9.10.4 Patch 2
    cpe:2.3:a:isc:bind:9.10.4:p2
  • ISC BIND 9.10.4 Patch 3
    cpe:2.3:a:isc:bind:9.10.4:p3
  • ISC BIND 9.10.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.4:rc1
  • ISC BIND 9.11.0 Alpha 1
    cpe:2.3:a:isc:bind:9.11.0:a1
  • ISC BIND 9.11.0 Alpha 2
    cpe:2.3:a:isc:bind:9.11.0:a2
  • ISC BIND 9.11.0 Alpha 3
    cpe:2.3:a:isc:bind:9.11.0:a3
  • ISC BIND 9.11.0 Beta 1
    cpe:2.3:a:isc:bind:9.11.0:b1
  • ISC BIND 9.11.0 Beta 2
    cpe:2.3:a:isc:bind:9.11.0:b2
  • ISC BIND 9.11.0 Beta 3
    cpe:2.3:a:isc:bind:9.11.0:b3
  • ISC BIND 9.11.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.0:rc1
CVSS
Base: 5.0 (as of 29-11-2016 - 14:09)
Impact:
Exploitability:
CWE CWE-19
CAPEC
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • XML Nested Payloads
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. By nesting XML data and causing this data to be continuously self-referential, an attacker can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization. An attacker's goal is to leverage parser failure to his or her advantage. In most cases this type of an attack will result in a denial of service due to an application becoming unstable, freezing, or crash. However it may be possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.230.1].
  • XML Oversized Payloads
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. By supplying oversized payloads in input vectors that will be processed by the XML parser, an attacker can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization, and potentially cause execution of arbitrary code. An attacker's goal is to leverage parser failure to his or her advantage. In many cases this type of an attack will result in a denial of service due to an application becoming unstable, freezing, or crash. However it is possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.231.1].
  • XML Client-Side Attack
    Client applications such as web browsers that process HTML data often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. These adverse effects may include the parser crashing, consuming too much of a resource, executing too slowly, executing code supplied by an attacker, allowing usage of unintended system functionality, etc. An attacker's goal is to leverage parser failure to his or her advantage. In some cases it may be possible to jump from the data plane to the control plane via bad data being passed to an XML parser. [R.484.1]
  • XML Parser Attack
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. These adverse effects may include the parser crashing, consuming too much of a resource, executing too slowly, executing code supplied by an attacker, allowing usage of unintended system functionality, etc. An attacker's goal is to leverage parser failure to his or her advantage. In some cases it may be possible to jump from the data plane to the control plane via bad data being passed to an XML parser. [R.99.1]
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family AIX Local Security Checks
    NASL id AIX_IV91214.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory14.nasl (plugin id 102126).
    last seen 2017-10-29
    modified 2017-08-03
    plugin id 95890
    published 2016-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95890
    title AIX 7.1 TL 3 : bind (IV91214) (deprecated)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1583.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) * A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9131) * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147) * A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9444) * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3137) Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters of CVE-2016-8864. Bug Fix(es) : * ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK) rollover during October 2017. Maintaining an up-to-date KSK is essential for ensuring that validating DNS resolvers continue to function following the rollover. (BZ#1459648)
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 101100
    published 2017-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101100
    title RHEL 7 : bind (RHSA-2017:1583)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-9417B4C1DC.NASL
    description Allow zone size limit (CVE-2016-6170) ---- Security fix for CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 94926
    published 2016-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94926
    title Fedora 24 : bind99 (2016-9417b4c1dc)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0100.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix DNSKEY that encountered a CNAME (#1447869, ISC change 3391) - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081)
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 100090
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100090
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0100)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV91257.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory14.nasl (plugin id 102126).
    last seen 2017-10-29
    modified 2017-08-03
    plugin id 96154
    published 2016-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96154
    title AIX 7.2 TL 1 : bind (IV91257) (deprecated)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-D0C9BF9508.NASL
    description Security fix for CVE-2017-3135 (unaffected), fixes regression made by CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-04-21
    plugin id 97541
    published 2017-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97541
    title Fedora 24 : bind99 (2017-d0c9bf9508)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0034.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530)
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 96591
    published 2017-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96591
    title OracleVM 3.2 : bind (OVMSA-2017-0034)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2871.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 95563
    published 2016-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95563
    title RHEL 6 : bind (RHSA-2016:2871)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-46137973BA.NASL
    description Security fix for CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 95000
    published 2016-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95000
    title Fedora 25 : 32:bind (2016-46137973ba)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL35322517.NASL
    description named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. (CVE-2016-8864)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 97154
    published 2017-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97154
    title F5 Networks BIG-IP : BIND vulnerability (K35322517)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-8E39076950.NASL
    description Security fix for CVE-2016-6170 ---- Security fix for CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 95305
    published 2016-11-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95305
    title Fedora 23 : bind99 (2016-8e39076950)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2706-1.NASL
    description This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829). - Fix BIND to return a valid hostname in response to ldapdump queries. (bsc#965748) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 94507
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94507
    title SUSE SLES11 Security Update : bind (SUSE-SU-2016:2706-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2615.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 94605
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94605
    title RHEL 7 : bind (RHSA-2016:2615)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1273.NASL
    description This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829). - Fix BIND to return a valid hostname in response to ldapdump queries. (bsc#965748) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 94620
    published 2016-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94620
    title openSUSE Security Update : bind (openSUSE-2016-1273)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV91255.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory14.nasl (plugin id 102126).
    last seen 2017-10-29
    modified 2017-08-03
    plugin id 95892
    published 2016-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95892
    title AIX 7.1 TL 4 : bind (IV91255) (deprecated)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV91253.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory14.nasl (plugin id 102126).
    last seen 2017-10-29
    modified 2017-08-03
    plugin id 96152
    published 2016-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96152
    title AIX 5.3 TL 12 : bind (IV91253) (deprecated)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-96B7F4F53E.NASL
    description Security fix for CVE-2017-3135 (unaffected), fixes regression made by CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-04-21
    plugin id 97536
    published 2017-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97536
    title Fedora 25 : bind99 (2017-96b7f4f53e)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-567A5591E4.NASL
    description Security fix for CVE-2016-6170 ---- Security fix for CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 95003
    published 2016-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95003
    title Fedora 25 : bind99 (2016-567a5591e4)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0033.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530)
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 96590
    published 2017-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96590
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0033)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0066.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 99569
    published 2017-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99569
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_0B8D01A4A0D211E69CA2D050996490D0.NASL
    description ISC reports : A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 94491
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94491
    title FreeBSD : BIND -- Remote Denial of Service vulnerability (0b8d01a4-a0d2-11e6-9ca2-d050996490d0)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-696.NASL
    description Tony Finch and Marco Davids reported an assertion failure in BIND, a DNS server implementation, which causes the server process to terminate. This denial of service vulnerability is related to a defect in the processing of responses with DNAME records from authoritative servers and primarily affects recursive resolvers. For Debian 7 'Wheezy', these problems have been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u13. We recommend that you upgrade your bind9 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 94477
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94477
    title Debian DLA-696-1 : bind9 security update
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2016-768.NASL
    description A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 94974
    published 2016-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94974
    title Amazon Linux AMI : bind (ALAS-2016-768)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1272.NASL
    description This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829).
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 94619
    published 2016-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94619
    title openSUSE Security Update : bind (openSUSE-2016-1272)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20161103_BIND_ON_SL7_X.NASL
    description Security Fix(es) : - A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 95834
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95834
    title Scientific Linux Security Update : bind on SL7.x x86_64
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2016-0153.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2016-8864)
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 94498
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94498
    title OracleVM 3.2 : bind (OVMSA-2016-0153)
  • NASL family AIX Local Security Checks
    NASL id AIX_BIND_ADVISORY14.NASL
    description The version of bind installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists when handling malformed options sections. An unauthenticated, remote attacker can exploit this, via a specially crafted OPT resource record, to cause an assertion failure, resulting in a daemon exit. (CVE-2016-2848) - A denial of service vulnerability exists due to improper handling of a recursive response containing a DNAME record in the answer section. An unauthenticated, remote attacker can exploit this to cause an assertion failure and daemon exit. (CVE-2016-8864)
    last seen 2019-02-21
    modified 2018-07-17
    plugin id 102126
    published 2017-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102126
    title AIX bind Advisory : bind_advisory14.asc (IV91214) (IV91253) (IV91254) (IV91255) (IV91256) (IV91257)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2016-1079.NASL
    description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 99839
    published 2017-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99839
    title EulerOS 2.0 SP1 : bind (EulerOS-SA-2016-1079)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2141.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 94502
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94502
    title RHEL 5 / 6 : bind (RHSA-2016:2141)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2142.NASL
    description An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 94503
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94503
    title RHEL 5 : bind97 (RHSA-2016:2142)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2016-2142.NASL
    description From Red Hat Security Advisory 2016:2142 : An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 94496
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94496
    title Oracle Linux 5 : bind97 (ELSA-2016-2142)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20161102_BIND_ON_SL5_X.NASL
    description Security Fix(es) : - A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 94571
    published 2016-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94571
    title Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-E38196B52A.NASL
    description Security fix for CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 94749
    published 2016-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94749
    title Fedora 24 : 32:bind (2016-e38196b52a)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2016-2141.NASL
    description From Red Hat Security Advisory 2016:2141 : An update for bind is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 94495
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94495
    title Oracle Linux 5 / 6 : bind (ELSA-2016-2141)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2016-2141.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 94471
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94471
    title CentOS 5 / 6 : bind (CESA-2016:2141)
  • NASL family DNS
    NASL id BIND9_CVE-2016-8864.NASL
    description According to its self-reported version number, the instance of ISC BIND 9 running on the remote name server is affected by a denial of service vulnerability due to improper handling of a recursive response containing a DNAME record in the answer section. An unauthenticated, remote attacker can exploit this to cause an assertion failure and daemon exit. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-12-07
    plugin id 94577
    published 2016-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94577
    title ISC BIND 9 Recursive Response DNAME Record Handling DoS
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201701-26.NASL
    description The remote host is affected by the vulnerability described in GLSA-201701-26 (BIND: Denial of Service) A defect in BIND’s handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c. Impact : A remote attacker could send a specially crafted DNS request to the BIND resolver possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 96420
    published 2017-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96420
    title GLSA-201701-26 : BIND: Denial of Service
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2696-1.NASL
    description This update for bind fixes the following security issue : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 94504
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94504
    title SUSE SLES12 Security Update : bind (SUSE-SU-2016:2696-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2016-2142.NASL
    description An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 94472
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94472
    title CentOS 5 : bind97 (CESA-2016:2142)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2016-0152.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2016-8864)
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 94497
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94497
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2016-0152)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-605FD98C32.NASL
    description Security fix for CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 95376
    published 2016-11-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95376
    title Fedora 23 : 32:bind (2016-605fd98c32)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV91254.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory14.nasl (plugin id 102126).
    last seen 2017-10-29
    modified 2017-08-03
    plugin id 95891
    published 2016-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95891
    title AIX 6.1 TL 9 : bind (IV91254) (deprecated)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2016-308-02.NASL
    description New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2017-09-21
    plugin id 94517
    published 2016-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94517
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2016-308-02)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2697-1.NASL
    description This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829). - Fix BIND to return a valid hostname in response to ldapdump queries. (bsc#965748) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 94505
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94505
    title SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2016:2697-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3703.NASL
    description Tony Finch and Marco Davids reported an assertion failure in BIND, a DNS server implementation, which causes the server process to terminate. This denial-of-service vulnerability is related to a defect in the processing of responses with DNAME records from authoritative servers and primarily affects recursive resolvers.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 94478
    published 2016-11-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94478
    title Debian DSA-3703-1 : bind9 - security update
  • NASL family AIX Local Security Checks
    NASL id AIX_IV91256.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory14.nasl (plugin id 102126).
    last seen 2017-10-29
    modified 2017-08-03
    plugin id 96153
    published 2016-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96153
    title AIX 7.2 TL 0 : bind (IV91256) (deprecated)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2016-2615.NASL
    description From Red Hat Security Advisory 2016:2615 : An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 94727
    published 2016-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94727
    title Oracle Linux 7 : bind (ELSA-2016-2615)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3119-1.NASL
    description Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 94468
    published 2016-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94468
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : bind9 vulnerability (USN-3119-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20161102_BIND97_ON_SL5_X.NASL
    description Security Fix(es) : - A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 94570
    published 2016-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94570
    title Scientific Linux Security Update : bind97 on SL5.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2016-2615.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 95354
    published 2016-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95354
    title CentOS 7 : bind (CESA-2016:2615)
redhat via4
advisories
  • bugzilla
    id 1389652
    title CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment bind is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141002
          • comment bind is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057003
        • AND
          • comment bind-chroot is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141010
          • comment bind-chroot is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057005
        • AND
          • comment bind-devel is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141004
          • comment bind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057007
        • AND
          • comment bind-libbind-devel is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141006
          • comment bind-libbind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057015
        • AND
          • comment bind-libs is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141014
          • comment bind-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057017
        • AND
          • comment bind-sdb is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141016
          • comment bind-sdb is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057009
        • AND
          • comment bind-utils is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141012
          • comment bind-utils is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057011
        • AND
          • comment caching-nameserver is earlier than 30:9.3.6-25.P1.el5_11.11
            oval oval:com.redhat.rhsa:tst:20162141008
          • comment caching-nameserver is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057013
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment bind is earlier than 32:9.8.2-0.47.rc1.el6_8.3
            oval oval:com.redhat.rhsa:tst:20162141028
          • comment bind is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975006
        • AND
          • comment bind-chroot is earlier than 32:9.8.2-0.47.rc1.el6_8.3
            oval oval:com.redhat.rhsa:tst:20162141026
          • comment bind-chroot is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975012
        • AND
          • comment bind-devel is earlier than 32:9.8.2-0.47.rc1.el6_8.3
            oval oval:com.redhat.rhsa:tst:20162141022
          • comment bind-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975010
        • AND
          • comment bind-libs is earlier than 32:9.8.2-0.47.rc1.el6_8.3
            oval oval:com.redhat.rhsa:tst:20162141024
          • comment bind-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975016
        • AND
          • comment bind-sdb is earlier than 32:9.8.2-0.47.rc1.el6_8.3
            oval oval:com.redhat.rhsa:tst:20162141030
          • comment bind-sdb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975014
        • AND
          • comment bind-utils is earlier than 32:9.8.2-0.47.rc1.el6_8.3
            oval oval:com.redhat.rhsa:tst:20162141032
          • comment bind-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975008
    rhsa
    id RHSA-2016:2141
    released 2016-11-02
    severity Important
    title RHSA-2016:2141: bind security update (Important)
  • bugzilla
    id 1389652
    title CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment bind97 is earlier than 32:9.7.0-21.P2.el5_11.9
          oval oval:com.redhat.rhsa:tst:20162142004
        • comment bind97 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845003
      • AND
        • comment bind97-chroot is earlier than 32:9.7.0-21.P2.el5_11.9
          oval oval:com.redhat.rhsa:tst:20162142002
        • comment bind97-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845005
      • AND
        • comment bind97-devel is earlier than 32:9.7.0-21.P2.el5_11.9
          oval oval:com.redhat.rhsa:tst:20162142006
        • comment bind97-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845007
      • AND
        • comment bind97-libs is earlier than 32:9.7.0-21.P2.el5_11.9
          oval oval:com.redhat.rhsa:tst:20162142010
        • comment bind97-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845009
      • AND
        • comment bind97-utils is earlier than 32:9.7.0-21.P2.el5_11.9
          oval oval:com.redhat.rhsa:tst:20162142008
        • comment bind97-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845011
    rhsa
    id RHSA-2016:2142
    released 2016-11-02
    severity Important
    title RHSA-2016:2142: bind97 security update (Important)
  • bugzilla
    id 1389652
    title CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment bind is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615025
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975006
      • AND
        • comment bind-chroot is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615027
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975012
      • AND
        • comment bind-devel is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615017
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975010
      • AND
        • comment bind-libs is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615011
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975016
      • AND
        • comment bind-libs-lite is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615019
        • comment bind-libs-lite is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984041
      • AND
        • comment bind-license is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615031
        • comment bind-license is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984029
      • AND
        • comment bind-lite-devel is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615009
        • comment bind-lite-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984039
      • AND
        • comment bind-pkcs11 is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615023
        • comment bind-pkcs11 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655032
      • AND
        • comment bind-pkcs11-devel is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615015
        • comment bind-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655028
      • AND
        • comment bind-pkcs11-libs is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615007
        • comment bind-pkcs11-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655030
      • AND
        • comment bind-pkcs11-utils is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615029
        • comment bind-pkcs11-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655023
      • AND
        • comment bind-sdb is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615021
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975014
      • AND
        • comment bind-sdb-chroot is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615005
        • comment bind-sdb-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984035
      • AND
        • comment bind-utils is earlier than 32:9.9.4-38.el7_3
          oval oval:com.redhat.rhsa:tst:20162615013
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975008
    rhsa
    id RHSA-2016:2615
    released 2016-11-03
    severity Important
    title RHSA-2016:2615: bind security update (Important)
  • rhsa
    id RHSA-2016:2871
  • rhsa
    id RHSA-2017:1583
rpms
  • bind-30:9.3.6-25.P1.el5_11.11
  • bind-chroot-30:9.3.6-25.P1.el5_11.11
  • bind-devel-30:9.3.6-25.P1.el5_11.11
  • bind-libbind-devel-30:9.3.6-25.P1.el5_11.11
  • bind-libs-30:9.3.6-25.P1.el5_11.11
  • bind-sdb-30:9.3.6-25.P1.el5_11.11
  • bind-utils-30:9.3.6-25.P1.el5_11.11
  • caching-nameserver-30:9.3.6-25.P1.el5_11.11
  • bind-32:9.8.2-0.47.rc1.el6_8.3
  • bind-chroot-32:9.8.2-0.47.rc1.el6_8.3
  • bind-devel-32:9.8.2-0.47.rc1.el6_8.3
  • bind-libs-32:9.8.2-0.47.rc1.el6_8.3
  • bind-sdb-32:9.8.2-0.47.rc1.el6_8.3
  • bind-utils-32:9.8.2-0.47.rc1.el6_8.3
  • bind97-32:9.7.0-21.P2.el5_11.9
  • bind97-chroot-32:9.7.0-21.P2.el5_11.9
  • bind97-devel-32:9.7.0-21.P2.el5_11.9
  • bind97-libs-32:9.7.0-21.P2.el5_11.9
  • bind97-utils-32:9.7.0-21.P2.el5_11.9
  • bind-32:9.9.4-38.el7_3
  • bind-chroot-32:9.9.4-38.el7_3
  • bind-devel-32:9.9.4-38.el7_3
  • bind-libs-32:9.9.4-38.el7_3
  • bind-libs-lite-32:9.9.4-38.el7_3
  • bind-license-32:9.9.4-38.el7_3
  • bind-lite-devel-32:9.9.4-38.el7_3
  • bind-pkcs11-32:9.9.4-38.el7_3
  • bind-pkcs11-devel-32:9.9.4-38.el7_3
  • bind-pkcs11-libs-32:9.9.4-38.el7_3
  • bind-pkcs11-utils-32:9.9.4-38.el7_3
  • bind-sdb-32:9.9.4-38.el7_3
  • bind-sdb-chroot-32:9.9.4-38.el7_3
  • bind-utils-32:9.9.4-38.el7_3
refmap via4
bid 94067
confirm
debian DSA-3703
freebsd FreeBSD-SA-16:34
gentoo GLSA-201701-26
sectrack 1037156
Last major update 08-05-2017 - 21:29
Published 02-11-2016 - 13:59
Last modified 27-09-2018 - 06:29
Back to Top