Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-9147 (GCVE-0-2016-9147)
Vulnerability from cvelistv5 – Published: 2017-01-12 06:06 – Updated: 2024-08-06 02:42
VLAI
EPSS
Summary
named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1037582 | vdb-entryx_refsource_SECTRACK |
| https://security.gentoo.org/glsa/201708-01 | vendor-advisoryx_refsource_GENTOO |
| https://kb.isc.org/article/AA-01440/74/CVE-2016-9147 | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-2018092… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:1582 | vendor-advisoryx_refsource_REDHAT |
| http://www.debian.org/security/2017/dsa-3758 | vendor-advisoryx_refsource_DEBIAN |
| https://access.redhat.com/errata/RHSA-2017:1583 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/95390 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2017-0064.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2017-0063.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2017-0062.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2017-01-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:11.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01440/74/CVE-2016-9147"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3758",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3758"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "95390",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95390"
},
{
"name": "RHSA-2017:0064",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0064.html"
},
{
"name": "RHSA-2017:0063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0063.html"
},
{
"name": "RHSA-2017:0062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0062.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-27T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1037582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01440/74/CVE-2016-9147"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3758",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3758"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "95390",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95390"
},
{
"name": "RHSA-2017:0064",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0064.html"
},
{
"name": "RHSA-2017:0063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0063.html"
},
{
"name": "RHSA-2017:0062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0062.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037582",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://kb.isc.org/article/AA-01440/74/CVE-2016-9147",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01440/74/CVE-2016-9147"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "RHSA-2017:1582",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3758",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3758"
},
{
"name": "RHSA-2017:1583",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "95390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95390"
},
{
"name": "RHSA-2017:0064",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0064.html"
},
{
"name": "RHSA-2017:0063",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0063.html"
},
{
"name": "RHSA-2017:0062",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0062.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9147",
"datePublished": "2017-01-12T06:06:00.000Z",
"dateReserved": "2016-11-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:42:11.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-9147",
"date": "2026-05-27",
"epss": "0.56165",
"percentile": "0.98138"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"795DA9EE-489D-402E-8427-C9E3650BA1E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7A167E4-4CAF-4FD7-92F0-986F1C12F4CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E211374-A4F5-41D4-A89E-E6522E9D0DFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"086C327B-DF9F-4D4E-A538-1E29FEDC34C5\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.\"}, {\"lang\": \"es\", \"value\": \"named en ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4 y 9.11.0-P1 permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (fallo de aserci\\u00f3n y salida de demonio) a trav\\u00e9s de una respuesta que contiene una inconsistencia entre los DNSSEC-related RRsets .\"}]",
"id": "CVE-2016-9147",
"lastModified": "2024-11-21T03:00:41.870",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-01-12T06:59:00.280",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0062.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0063.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0064.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3758\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/95390\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id/1037582\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1582\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1583\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://kb.isc.org/article/AA-01440/74/CVE-2016-9147\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201708-01\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180926-0005/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0062.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0063.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0064.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3758\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/95390\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1037582\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1582\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1583\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://kb.isc.org/article/AA-01440/74/CVE-2016-9147\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201708-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180926-0005/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9147\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-01-12T06:59:00.280\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.\"},{\"lang\":\"es\",\"value\":\"named en ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4 y 9.11.0-P1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de aserci\u00f3n y salida de demonio) a trav\u00e9s de una respuesta que contiene una inconsistencia entre los DNSSEC-related RRsets .\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"795DA9EE-489D-402E-8427-C9E3650BA1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7A167E4-4CAF-4FD7-92F0-986F1C12F4CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E211374-A4F5-41D4-A89E-E6522E9D0DFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"086C327B-DF9F-4D4E-A538-1E29FEDC34C5\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0062.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0063.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0064.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3758\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/95390\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1037582\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1582\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1583\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://kb.isc.org/article/AA-01440/74/CVE-2016-9147\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201708-01\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180926-0005/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0062.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0063.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0064.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3758\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/95390\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037582\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1582\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1583\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.isc.org/article/AA-01440/74/CVE-2016-9147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201708-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180926-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2017:0113-1
Vulnerability from csaf_suse - Published: 2017-01-11 21:56 - Updated: 2017-01-11 21:56Summary
Security update for bind
Severity
Important
Notes
Title of the patch: Security update for bind
Description of the patch:
This update for bind fixes the following issues:
- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a denial-of-service
attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]
- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]
- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records, facilitating a
denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]
- Fixed ldapdump to use a temporary pseudo nameserver that conforms to BIND's
expected syntax. Prior versions would not work correctly with an LDAP backed
DNS server. [bsc#965748]
Patchnames: SUSE-SLE-SAP-12-2017-52,SUSE-SLE-SERVER-12-2017-52
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
32 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for bind",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for bind fixes the following issues:\n\n- Fix a potential assertion failure that could have been triggered by a\n malformed response to an ANY query, thereby facilitating a denial-of-service\n attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]\n\n- Fix a potential assertion failure that could have been triggered by\n responding to a query with inconsistent DNSSEC information, thereby\n facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,\n bsc#1018699]\n\n- Fix potential assertion failure that could have been triggered by DNS\n responses that contain unusually-formed DS resource records, facilitating a\n denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]\n\n- Fixed ldapdump to use a temporary pseudo nameserver that conforms to BIND\u0027s\n expected syntax. Prior versions would not work correctly with an LDAP backed\n DNS server. [bsc#965748]\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2017-52,SUSE-SLE-SERVER-12-2017-52",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0113-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0113-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170113-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0113-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002556.html"
},
{
"category": "self",
"summary": "SUSE Bug 1018699",
"url": "https://bugzilla.suse.com/1018699"
},
{
"category": "self",
"summary": "SUSE Bug 1018700",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "self",
"summary": "SUSE Bug 1018701",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "self",
"summary": "SUSE Bug 1018702",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "self",
"summary": "SUSE Bug 965748",
"url": "https://bugzilla.suse.com/965748"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9131 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9147 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9444 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9444/"
}
],
"title": "Security update for bind",
"tracking": {
"current_release_date": "2017-01-11T21:56:09Z",
"generator": {
"date": "2017-01-11T21:56:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0113-1",
"initial_release_date": "2017-01-11T21:56:09Z",
"revision_history": [
{
"date": "2017-01-11T21:56:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bind-doc-9.9.9P1-28.26.1.noarch",
"product": {
"name": "bind-doc-9.9.9P1-28.26.1.noarch",
"product_id": "bind-doc-9.9.9P1-28.26.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.9.9P1-28.26.1.ppc64le",
"product": {
"name": "bind-9.9.9P1-28.26.1.ppc64le",
"product_id": "bind-9.9.9P1-28.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"product": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"product_id": "bind-chrootenv-9.9.9P1-28.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-libs-9.9.9P1-28.26.1.ppc64le",
"product": {
"name": "bind-libs-9.9.9P1-28.26.1.ppc64le",
"product_id": "bind-libs-9.9.9P1-28.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-utils-9.9.9P1-28.26.1.ppc64le",
"product": {
"name": "bind-utils-9.9.9P1-28.26.1.ppc64le",
"product_id": "bind-utils-9.9.9P1-28.26.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.9.9P1-28.26.1.s390x",
"product": {
"name": "bind-9.9.9P1-28.26.1.s390x",
"product_id": "bind-9.9.9P1-28.26.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.9.9P1-28.26.1.s390x",
"product": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.s390x",
"product_id": "bind-chrootenv-9.9.9P1-28.26.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-libs-9.9.9P1-28.26.1.s390x",
"product": {
"name": "bind-libs-9.9.9P1-28.26.1.s390x",
"product_id": "bind-libs-9.9.9P1-28.26.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"product": {
"name": "bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"product_id": "bind-libs-32bit-9.9.9P1-28.26.1.s390x"
}
},
{
"category": "product_version",
"name": "bind-utils-9.9.9P1-28.26.1.s390x",
"product": {
"name": "bind-utils-9.9.9P1-28.26.1.s390x",
"product_id": "bind-utils-9.9.9P1-28.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.9.9P1-28.26.1.x86_64",
"product": {
"name": "bind-9.9.9P1-28.26.1.x86_64",
"product_id": "bind-9.9.9P1-28.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"product": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"product_id": "bind-chrootenv-9.9.9P1-28.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-libs-9.9.9P1-28.26.1.x86_64",
"product": {
"name": "bind-libs-9.9.9P1-28.26.1.x86_64",
"product_id": "bind-libs-9.9.9P1-28.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"product": {
"name": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"product_id": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.9.9P1-28.26.1.x86_64",
"product": {
"name": "bind-utils-9.9.9P1-28.26.1.x86_64",
"product_id": "bind-utils-9.9.9P1-28.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.9.9P1-28.26.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch"
},
"product_reference": "bind-doc-9.9.9P1-28.26.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-libs-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-utils-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.9.9P1-28.26.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le"
},
"product_reference": "bind-9.9.9P1-28.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.9.9P1-28.26.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x"
},
"product_reference": "bind-9.9.9P1-28.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le"
},
"product_reference": "bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x"
},
"product_reference": "bind-chrootenv-9.9.9P1-28.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.9.9P1-28.26.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch"
},
"product_reference": "bind-doc-9.9.9P1-28.26.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-9.9.9P1-28.26.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le"
},
"product_reference": "bind-libs-9.9.9P1-28.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-9.9.9P1-28.26.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x"
},
"product_reference": "bind-libs-9.9.9P1-28.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-libs-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32bit-9.9.9P1-28.26.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x"
},
"product_reference": "bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.9.9P1-28.26.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le"
},
"product_reference": "bind-utils-9.9.9P1-28.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.9.9P1-28.26.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x"
},
"product_reference": "bind-utils-9.9.9P1-28.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.9.9P1-28.26.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64"
},
"product_reference": "bind-utils-9.9.9P1-28.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9131"
}
],
"notes": [
{
"category": "general",
"text": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9131",
"url": "https://www.suse.com/security/cve/CVE-2016-9131"
},
{
"category": "external",
"summary": "SUSE Bug 1018699 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018699"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1033466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-11T21:56:09Z",
"details": "important"
}
],
"title": "CVE-2016-9131"
},
{
"cve": "CVE-2016-9147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9147"
}
],
"notes": [
{
"category": "general",
"text": "named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9147",
"url": "https://www.suse.com/security/cve/CVE-2016-9147"
},
{
"category": "external",
"summary": "SUSE Bug 1018699 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1018699"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1033466"
},
{
"category": "external",
"summary": "SUSE Bug 1081545 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1081545"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9147",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-11T21:56:09Z",
"details": "important"
}
],
"title": "CVE-2016-9147"
},
{
"cve": "CVE-2016-9444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9444"
}
],
"notes": [
{
"category": "general",
"text": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9444",
"url": "https://www.suse.com/security/cve/CVE-2016-9444"
},
{
"category": "external",
"summary": "SUSE Bug 1018699 for CVE-2016-9444",
"url": "https://bugzilla.suse.com/1018699"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2016-9444",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2016-9444",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2016-9444",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2016-9444",
"url": "https://bugzilla.suse.com/1033466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:bind-utils-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-chrootenv-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-doc-9.9.9P1-28.26.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-32bit-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-libs-9.9.9P1-28.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:bind-utils-9.9.9P1-28.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-11T21:56:09Z",
"details": "important"
}
],
"title": "CVE-2016-9444"
}
]
}
WID-SEC-W-2025-1188
Vulnerability from csaf_certbund - Published: 2017-01-11 23:00 - Updated: 2025-05-29 22:00Summary
Internet Systems Consortium BIND: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Juniper Appliance
- Linux
- UNIX
- Windows
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Internet Systems Consortium BIND <9.9.9-P5
Internet Systems Consortium / BIND
|
<9.9.9-P5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HPE HP-UX
HPE
|
cpe:/o:hp:hp-ux:-
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:-
|
— | |
|
Dell NetWorker
Dell
|
cpe:/a:dell:networker:virtual
|
— | |
|
SUSE Linux Enterprise Desktop
SUSE
|
cpe:/o:suse:linux_enterprise_desktop:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Internet Systems Consortium BIND <9.11.0-P2
Internet Systems Consortium / BIND
|
<9.11.0-P2 | ||
|
Internet Systems Consortium BIND <9.10.4-P5
Internet Systems Consortium / BIND
|
<9.10.4-P5 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HPE HP-UX
HPE
|
cpe:/o:hp:hp-ux:-
|
— | |
|
EMC VNX2
EMC
|
cpe:/h:emc:vnx:-
|
— | |
|
Dell NetWorker
Dell
|
cpe:/a:dell:networker:virtual
|
— | |
|
SUSE Linux Enterprise Desktop
SUSE
|
cpe:/o:suse:linux_enterprise_desktop:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Internet Systems Consortium BIND <9.9.9-P5
Internet Systems Consortium / BIND
|
<9.9.9-P5 | ||
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Internet Systems Consortium BIND <9.11.0-P2
Internet Systems Consortium / BIND
|
<9.11.0-P2 | ||
|
Internet Systems Consortium BIND <9.10.4-P5
Internet Systems Consortium / BIND
|
<9.10.4-P5 | ||
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Internet Systems Consortium BIND <9.9.9-P5
Internet Systems Consortium / BIND
|
<9.9.9-P5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HPE HP-UX
HPE
|
cpe:/o:hp:hp-ux:-
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:-
|
— | |
|
Dell NetWorker
Dell
|
cpe:/a:dell:networker:virtual
|
— | |
|
SUSE Linux Enterprise Desktop
SUSE
|
cpe:/o:suse:linux_enterprise_desktop:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Internet Systems Consortium BIND <9.11.0-P2
Internet Systems Consortium / BIND
|
<9.11.0-P2 | ||
|
Internet Systems Consortium BIND <9.10.4-P5
Internet Systems Consortium / BIND
|
<9.10.4-P5 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Internet Systems Consortium BIND <9.9.9-P5
Internet Systems Consortium / BIND
|
<9.9.9-P5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
SUSE Linux Enterprise Server
SUSE
|
cpe:/o:suse:linux_enterprise_server:-
|
— | |
|
Dell NetWorker
Dell
|
cpe:/a:dell:networker:virtual
|
— | |
|
SUSE Linux Enterprise Desktop
SUSE
|
cpe:/o:suse:linux_enterprise_desktop:-
|
— | |
|
Internet Systems Consortium BIND <9.11.0-P2
Internet Systems Consortium / BIND
|
<9.11.0-P2 | ||
|
Internet Systems Consortium BIND <9.10.4-P5
Internet Systems Consortium / BIND
|
<9.10.4-P5 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— |
References
30 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance\n- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1188 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-1188.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1188 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1188"
},
{
"category": "external",
"summary": "Openwall OSS-Security vom 2017-01-11",
"url": "http://www.openwall.com/lists/oss-security/2017/01/12/1"
},
{
"category": "external",
"summary": "SUSE Security Update Announcement ID SUSE-SU-2017:0113-1 vom 2017-01-11",
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-01/msg00016.html"
},
{
"category": "external",
"summary": "SUSE Security Update Announcement ID SUSE-SU-2017:0112-1 vom 2017-01-11",
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-01/msg00015.html"
},
{
"category": "external",
"summary": "SUSE Security Update Announcement ID SUSE-SU-2017:0111-1 vom 2017-01-11",
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-01/msg00014.html"
},
{
"category": "external",
"summary": "ISC BIND9 Security Advisory AA-01442 vom 2017-01-11",
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"category": "external",
"summary": "ISC BIND9 Security Advisory AA-01441 vom 2017-01-11",
"url": "https://kb.isc.org/article/AA-01441/"
},
{
"category": "external",
"summary": "ISC BIND9 Security Advisory AA-01440 vom 2017-01-11",
"url": "https://kb.isc.org/article/AA-01440/"
},
{
"category": "external",
"summary": "ISC BIND9 Security Advisory AA-01439 vom 2017-01-11",
"url": "https://kb.isc.org/article/AA-01439"
},
{
"category": "external",
"summary": "F5 Security Advisory K86272821 vom 2017-01-13",
"url": "https://support.f5.com/csp/article/K86272821"
},
{
"category": "external",
"summary": "F5 Security Advisory K40181790 vom 2017-01-13",
"url": "https://support.f5.com/csp/article/K40181790"
},
{
"category": "external",
"summary": "F5 Security Advisory K02138183 vom 2017-01-12",
"url": "https://support.f5.com/csp/#/article/K02138183"
},
{
"category": "external",
"summary": "F5 Security Advisory K02138183 vom 2017-01-12",
"url": "https://support.f5.com/csp/article/K02138183"
},
{
"category": "external",
"summary": "F5 Security Advisory K25061316 vom 2017-01-11",
"url": "https://support.f5.com/csp/article/K25061316"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:0063 vom 2017-01-16",
"url": "https://access.redhat.com/errata/RHSA-2017:0063"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:0062 vom 2017-01-16",
"url": "https://access.redhat.com/errata/RHSA-2017:0062"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:0064 vom 2017-01-16",
"url": "https://access.redhat.com/errata/RHSA-2017:0064"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-0062 vom 2017-01-17",
"url": "http://linux.oracle.com/errata/ELSA-2017-0062.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-0063 vom 2017-01-17",
"url": "http://linux.oracle.com/errata/ELSA-2017-0063.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-0064 vom 2017-01-17",
"url": "http://linux.oracle.com/errata/ELSA-2017-0064.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2017:0063 vom 2017-01-17",
"url": "https://lwn.net/Alerts/711814"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2017:0063 vom 2017-01-17",
"url": "https://lwn.net/Alerts/711815"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2017:0062 vom 2017-01-17",
"url": "https://lwn.net/Alerts/711813"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN HPESBUX03699 SSRT110304 rev.1 vom 2017-01-27",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05381687"
},
{
"category": "external",
"summary": "Juniper Security Bulletin JSA10785 vom 2017-04-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10785"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:1583 vom 2017-06-28",
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"category": "external",
"summary": "Dell/EMC Knowledge Base Article: 000529947",
"url": "https://support.emc.com/kb/529947"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9117 vom 2022-02-03",
"url": "https://linux.oracle.com/errata/ELSA-2022-9117.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-213 vom 2025-05-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000326299/dsa-2025-213-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-multiple-third-party-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Internet Systems Consortium BIND: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2025-05-29T22:00:00.000+00:00",
"generator": {
"date": "2025-05-30T10:55:06.617+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-1188",
"initial_release_date": "2017-01-11T23:00:00.000+00:00",
"revision_history": [
{
"date": "2017-01-11T23:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-01-11T23:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-12T23:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2017-01-12T23:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-01-15T23:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2017-01-16T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2017-01-17T23:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2017-02-06T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2017-02-06T23:00:00.000+00:00",
"number": "9",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-04-12T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2017-04-12T22:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-06-28T22:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2018-09-26T22:00:00.000+00:00",
"number": "13",
"summary": "Added references"
},
{
"date": "2022-02-03T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC VNX2",
"product": {
"name": "EMC VNX2",
"product_id": "T004667",
"product_identification_helper": {
"cpe": "cpe:/h:emc:vnx:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE HP-UX",
"product": {
"name": "HPE HP-UX",
"product_id": "4871",
"product_identification_helper": {
"cpe": "cpe:/o:hp:hp-ux:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.9.9-P5",
"product": {
"name": "Internet Systems Consortium BIND \u003c9.9.9-P5",
"product_id": "T009194"
}
},
{
"category": "product_version",
"name": "9.9.9-P5",
"product": {
"name": "Internet Systems Consortium BIND 9.9.9-P5",
"product_id": "T009194-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:isc:bind:9.9.9-p5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.10.4-P5",
"product": {
"name": "Internet Systems Consortium BIND \u003c9.10.4-P5",
"product_id": "T009195"
}
},
{
"category": "product_version",
"name": "9.10.4-P5",
"product": {
"name": "Internet Systems Consortium BIND 9.10.4-P5",
"product_id": "T009195-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:isc:bind:9.10.4-p5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.11.0-P2",
"product": {
"name": "Internet Systems Consortium BIND \u003c9.11.0-P2",
"product_id": "T009196"
}
},
{
"category": "product_version",
"name": "9.11.0-P2",
"product": {
"name": "Internet Systems Consortium BIND 9.11.0-P2",
"product_id": "T009196-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:isc:bind:9.11.0-p2"
}
}
}
],
"category": "product_name",
"name": "BIND"
}
],
"category": "vendor",
"name": "Internet Systems Consortium"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T008011",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"product_id": "72893",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_desktop:-"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server",
"product": {
"name": "SUSE Linux Enterprise Server",
"product_id": "T002247",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9131",
"product_status": {
"known_affected": [
"T009194",
"67646",
"4871",
"T002247",
"T034583",
"72893",
"T001663",
"T009196",
"T009195",
"T004914",
"T039664"
]
},
"release_date": "2017-01-11T23:00:00.000+00:00",
"title": "CVE-2016-9131"
},
{
"cve": "CVE-2016-9147",
"product_status": {
"known_affected": [
"67646",
"4871",
"T004667",
"T034583",
"72893",
"T004914",
"T039664",
"T009194",
"T002247",
"T001663",
"T009196",
"T009195",
"T008011"
]
},
"release_date": "2017-01-11T23:00:00.000+00:00",
"title": "CVE-2016-9147"
},
{
"cve": "CVE-2016-9444",
"product_status": {
"known_affected": [
"T009194",
"67646",
"4871",
"T002247",
"T034583",
"72893",
"T001663",
"T009196",
"T009195",
"T004914",
"T008011",
"T039664"
]
},
"release_date": "2017-01-11T23:00:00.000+00:00",
"title": "CVE-2016-9444"
},
{
"cve": "CVE-2016-9778",
"product_status": {
"known_affected": [
"T009194",
"67646",
"T002247",
"T034583",
"72893",
"T009196",
"T009195",
"T004914",
"T039664"
]
},
"release_date": "2017-01-11T23:00:00.000+00:00",
"title": "CVE-2016-9778"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…