var-201611-0348
Vulnerability from variot
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. ISC BIND Is DNAME There is a problem with the response packet containing the record, db.c Or resolver.c so assertion failture ( Violation of representation ) And the result named May end abnormally. (resolver.c so assertion failure If this happens "INSIST((valoptions & 0x0002U) != 0) failed" , db.c so assertion failure If this happens "REQUIRE(targetp != ((void )0) && targetp == ((void *)0)) failed" Is displayed. ) According to the developer, 2016 Year 11 Moon 2 No attacks have been observed as of the day, but queries that cause crashes are mentioned on the public mailing list. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. https://cwe.mitre.org/data/definitions/19.htmlService disruption by a remote third party (DoS) An attack may be carried out. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. ISC BIND versions 9.0.x through 9.8.x, 9.9.0 through 9.9.9-P3, 9.9.3-S1 through 9.9.9-S5, 9.10.0 through 9.10.4-P3 and 9.11.0 are vulnerable. 5 client) - i386, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2016:2871-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2871.html Issue date: 2016-12-06 CVE Names: CVE-2016-8864 =====================================================================
- Summary:
An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
- A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. (CVE-2016-8864)
Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1389652 - CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer
- Package List:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7):
Source: bind-9.8.2-0.37.rc1.el6_7.9.src.rpm
x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):
x86_64: bind-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.2):
Source: bind-9.7.3-8.P3.el6_2.6.src.rpm
x86_64: bind-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-chroot-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-debuginfo-9.7.3-8.P3.el6_2.6.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-libs-9.7.3-8.P3.el6_2.6.i686.rpm bind-libs-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-utils-9.7.3-8.P3.el6_2.6.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.10.src.rpm
x86_64: bind-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm
x86_64: bind-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm
x86_64: bind-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.6):
Source: bind-9.8.2-0.30.rc1.el6_6.7.src.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.6):
Source: bind-9.8.2-0.30.rc1.el6_6.7.src.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: bind-9.8.2-0.37.rc1.el6_7.9.src.rpm
i386: bind-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.i686.rpm
ppc64: bind-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm
s390x: bind-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.s390x.rpm
x86_64: bind-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.2):
Source: bind-9.7.3-8.P3.el6_2.6.src.rpm
x86_64: bind-debuginfo-9.7.3-8.P3.el6_2.6.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-devel-9.7.3-8.P3.el6_2.6.i686.rpm bind-devel-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-sdb-9.7.3-8.P3.el6_2.6.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.10.src.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm
x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm
x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.6):
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.6):
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.7):
i386: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-8864 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01434
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFYRlsfXlSAg2UNWIIRAmy8AJ9xFyJSMmX2XN+lcWzsNNQT7cfR8QCggVOj KpG5DRbXaKAdrUMg5IeIS+s= =aWJX -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3119-1 November 01, 2016
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network traffic.
Software Description: - bind9: Internet Domain Name Server
Details:
Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10: bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.1
Ubuntu 16.04 LTS: bind9 1:9.10.3.dfsg.P4-8ubuntu1.2
Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.10
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.19
In general, a standard system update will make all the necessary changes. 7.2) - ppc64, ppc64le, s390x, x86_64
Bug Fix(es):
-
ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK) rollover during October 2017. Maintaining an up-to-date KSK is essential for ensuring that validating DNS resolvers continue to function following the rollover. (BZ#1459648)
Release Date: 2017-01-27 Last Updated: 2017-01-27
Potential Security Impact: Remote: Denial of Service (DoS)
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create multiple Denial of Services (DoS).
- HP-UX BIND B.11.31 - BIND 9.9.4 prior to C.9.9.4.9.0
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-8864
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-9131
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-9444
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has provided the following software updates to resolve the vulnerability in the HP-UX BIND service running named.
- BIND 9.9.4 for HP-UX Release B.11.31 (PA and IA)
- Depot: HP_UX_11.31_HPUX-NameServer_C.9.9.4.9.0_HP-UX_B.11.31_IA_PA.depot
Note: The depot files can be found here: https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=BIND
MANUAL ACTIONS: Yes - Update
Download and install the software update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HPE and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically.
For more information see:
https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=B6834AA The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.31 IA/PA
===================
NameService.BIND-AUX
NameService.BIND-RUN
action: install C.9.9.4.9.0 or subsequent
HISTORY Version:1 (rev.1) - 28 January 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.4_p4"
References
[ 1 ] CVE-2016-8864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8864
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201701-26
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0348", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "bind", "scope": "eq", "trust": 1.8, "vendor": "isc", "version": "9.11.0" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.6" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.2" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.6" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.4" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "8.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.9.9" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.5" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.7" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.7" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.10.4" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.6" }, { "model": "bind", "scope": "lt", "trust": 1.0, "vendor": "isc", "version": "9.10.4" }, { "model": "bind", "scope": "gte", "trust": 1.0, "vendor": "isc", "version": "9.10.0" }, { "model": "data ontap edge", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.2" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.6" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.4" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.2" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.7" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "solidfire", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.5" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.6" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.3" }, { "model": "bind", "scope": "gte", "trust": 1.0, "vendor": "isc", "version": "9.0.0" }, { "model": "bind", "scope": "lt", "trust": 1.0, "vendor": "isc", "version": "9.9.9" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.4" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.5" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.7" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.2" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.3" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "steelstore cloud integrated storage", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "bind", "scope": "eq", "trust": 0.9, "vendor": "isc", "version": "9.0.1" }, { "model": "bind", "scope": "eq", "trust": 0.9, "vendor": "isc", "version": "9.0" }, { "model": "bind", "scope": "lte", "trust": 0.8, "vendor": "isc", "version": "9.0.x from 9.8.x" }, { "model": "bind", "scope": "lte", "trust": 0.8, "vendor": "isc", "version": "9.10.0 from 9.10.4-p3" }, { "model": "bind", "scope": "lte", "trust": 0.8, "vendor": "isc", "version": "9.9.0 from 9.9.9-p3" }, { "model": "bind", "scope": "lte", "trust": 0.8, "vendor": "isc", "version": "9.9.3-s1 from 9.9.9-s5" }, { "model": "bind", "scope": "eq", "trust": 0.6, "vendor": "isc", "version": "9.2.4" }, { "model": "bind", "scope": "eq", "trust": 0.6, "vendor": "isc", "version": "9.0.0" }, { "model": "junos 15.1x49-d60", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 15.1x49-d40", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 15.1x49-d30", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 15.1x49-d20", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 15.1x49-d15", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 15.1x49-d10", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d40", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d35", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d30", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d25", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d20", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d15", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d10", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d60", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d55", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d51", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d50", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d46", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d45", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d40", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d37", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d36", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d35", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d30", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d26", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d25", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d20", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d15", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d10", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "powerkvm", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1" }, { "model": "powerkvm", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.4.4" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.4.3" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.4.6.0" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.9.0" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.8.0" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.7.0" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.6.0" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.3" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.2.0" }, { "model": "netezza host management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.10.0" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "hp-ux bind b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "big-ip websafe", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1" }, { "model": "big-ip websafe", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip websafe", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip websafe", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.1.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "12.0" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "junos 15.1x49-d70", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.3x48-d45", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "junos 12.1x46-d65", "scope": "ne", "trust": 0.3, "vendor": "juniper", "version": null } ], "sources": [ { "db": "BID", "id": "94067" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "CNNVD", "id": "CNNVD-201610-898" }, { "db": "NVD", "id": "CVE-2016-8864" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.9.9", "versionStartIncluding": "9.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.9:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.9:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.9:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.10.4", "versionStartIncluding": "9.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:alpha1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:alpha2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:alpha3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-8864" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "and others, Marco Davids (SIDN Labs),ony Finch (University of Cambridge)", "sources": [ { "db": "CNNVD", "id": "CNNVD-201610-898" } ], "trust": 0.6 }, "cve": "CVE-2016-8864", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2016-8864", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2016-8864", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-8864", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201610-898", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2016-8864", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-8864" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "CNNVD", "id": "CNNVD-201610-898" }, { "db": "NVD", "id": "CVE-2016-8864" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. ISC BIND Is DNAME There is a problem with the response packet containing the record, db.c Or resolver.c so assertion failture ( Violation of representation ) And the result named May end abnormally. (resolver.c so assertion failure If this happens \"INSIST((valoptions \u0026 0x0002U) != 0) failed\" , db.c so assertion failure If this happens \"REQUIRE(targetp != ((void *)0) \u0026\u0026 *targetp == ((void *)0)) failed\" Is displayed. ) According to the developer, 2016 Year 11 Moon 2 No attacks have been observed as of the day, but queries that cause crashes are mentioned on the public mailing list. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. https://cwe.mitre.org/data/definitions/19.htmlService disruption by a remote third party (DoS) An attack may be carried out. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the application, resulting in a denial-of-service condition. \nISC BIND versions 9.0.x through 9.8.x, 9.9.0 through 9.9.9-P3, 9.9.3-S1 through 9.9.9-S5, 9.10.0 through 9.10.4-P3 and 9.11.0 are vulnerable. 5 client) - i386, x86_64\n\n3. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2016:2871-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-2871.html\nIssue date: 2016-12-06\nCVE Names: CVE-2016-8864 \n=====================================================================\n\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 6.2\nAdvanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update\nSupport, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat\nEnterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise\nLinux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco\nExtended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update\nSupport. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.6) - x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nSecurity Fix(es):\n\n* A denial of service flaw was found in the way BIND handled responses\ncontaining a DNAME answer. (CVE-2016-8864)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN\nLabs) as the original reporters. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1389652 - CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer\n\n6. Package List:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7):\n\nSource:\nbind-9.8.2-0.37.rc1.el6_7.9.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):\n\nx86_64:\nbind-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.2):\n\nSource:\nbind-9.7.3-8.P3.el6_2.6.src.rpm\n\nx86_64:\nbind-9.7.3-8.P3.el6_2.6.x86_64.rpm\nbind-chroot-9.7.3-8.P3.el6_2.6.x86_64.rpm\nbind-debuginfo-9.7.3-8.P3.el6_2.6.i686.rpm\nbind-debuginfo-9.7.3-8.P3.el6_2.6.x86_64.rpm\nbind-libs-9.7.3-8.P3.el6_2.6.i686.rpm\nbind-libs-9.7.3-8.P3.el6_2.6.x86_64.rpm\nbind-utils-9.7.3-8.P3.el6_2.6.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.10.src.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.10.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.10.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.5.src.rpm\n\nx86_64:\nbind-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.5.src.rpm\n\nx86_64:\nbind-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.7.src.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.7.src.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\nbind-9.8.2-0.37.rc1.el6_7.9.src.rpm\n\ni386:\nbind-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.9.i686.rpm\n\nppc64:\nbind-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.ppc.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.s390.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-chroot-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-libs-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-utils-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.2):\n\nSource:\nbind-9.7.3-8.P3.el6_2.6.src.rpm\n\nx86_64:\nbind-debuginfo-9.7.3-8.P3.el6_2.6.i686.rpm\nbind-debuginfo-9.7.3-8.P3.el6_2.6.x86_64.rpm\nbind-devel-9.7.3-8.P3.el6_2.6.i686.rpm\nbind-devel-9.7.3-8.P3.el6_2.6.x86_64.rpm\nbind-sdb-9.7.3-8.P3.el6_2.6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.10.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.10.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.10.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.5.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.5.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.5.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6):\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6):\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.7.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7):\n\ni386:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.9.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.ppc.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.s390.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.9.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm\nbind-devel-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\nbind-sdb-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-8864\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://kb.isc.org/article/AA-01434\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFYRlsfXlSAg2UNWIIRAmy8AJ9xFyJSMmX2XN+lcWzsNNQT7cfR8QCggVOj\nKpG5DRbXaKAdrUMg5IeIS+s=\n=aWJX\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n===========================================================================\nUbuntu Security Notice USN-3119-1\nNovember 01, 2016\n\nbind9 vulnerability\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.10\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nTony Finch and Marco Davids discovered that Bind incorrectly handled\ncertain responses containing a DNAME answer. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.10:\n bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.1\n\nUbuntu 16.04 LTS:\n bind9 1:9.10.3.dfsg.P4-8ubuntu1.2\n\nUbuntu 14.04 LTS:\n bind9 1:9.9.5.dfsg-3ubuntu0.10\n\nUbuntu 12.04 LTS:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.19\n\nIn general, a standard system update will make all the necessary changes. 7.2) - ppc64, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)\nrollover during October 2017. Maintaining an up-to-date KSK is essential\nfor ensuring that validating DNS resolvers continue to function following\nthe rollover. (BZ#1459648)\n\n4. \n\nRelease Date: 2017-01-27\nLast Updated: 2017-01-27\n\nPotential Security Impact: Remote: Denial of Service (DoS)\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create multiple Denial of Services (DoS). \n\n - HP-UX BIND B.11.31 - BIND 9.9.4 prior to C.9.9.4.9.0\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-8864\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-9131\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-9444\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following software updates to resolve the vulnerability in the HP-UX BIND service running named. \n\n * BIND 9.9.4 for HP-UX Release B.11.31 (PA and IA)\n * Depot: HP_UX_11.31_HPUX-NameServer_C.9.9.4.9.0_HP-UX_B.11.31_IA_PA.depot\n\nNote: The depot files can be found here:\n\u003chttps://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb\nr=BIND\u003e\n\n MANUAL ACTIONS: Yes - Update \n Download and install the software update\n \n PRODUCT SPECIFIC INFORMATION \n HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application \n that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins \n issued by HPE and lists recommended actions that may apply to a specific HP-UX \n system. It can also download patches and create a depot automatically. \nFor more information see:\n \n\u003chttps://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb\nr=B6834AA\u003e\n The following text is for use by the HP-UX Software Assistant. \n\n AFFECTED VERSIONS\n\n HP-UX B.11.31 IA/PA \n =================== \n NameService.BIND-AUX \n NameService.BIND-RUN \n action: install C.9.9.4.9.0 or subsequent\n\nHISTORY\nVersion:1 (rev.1) - 28 January 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.10.4_p4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-8864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8864\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201701-26\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2016-8864" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "BID", "id": "94067" }, { "db": "VULMON", "id": "CVE-2016-8864" }, { "db": "PACKETSTORM", "id": "139496" }, { "db": "PACKETSTORM", "id": "139541" }, { "db": "PACKETSTORM", "id": "140046" }, { "db": "PACKETSTORM", "id": "139461" }, { "db": "PACKETSTORM", "id": "143169" }, { "db": "PACKETSTORM", "id": "140943" }, { "db": "PACKETSTORM", "id": "140436" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-8864", "trust": 3.5 }, { "db": "ISC", "id": "AA-01434", "trust": 2.4 }, { "db": "BID", "id": "94067", "trust": 2.0 }, { "db": "ISC", "id": "AA-01435", "trust": 1.7 }, { "db": "ISC", "id": "AA-01437", "trust": 1.7 }, { "db": "ISC", "id": "AA-01436", "trust": 1.7 }, { "db": "ISC", "id": "AA-01438", "trust": 1.7 }, { "db": "SECTRACK", "id": "1037156", "trust": 1.7 }, { "db": "JVN", "id": "JVNVU92683474", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-005674", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201610-898", "trust": 0.6 }, { "db": "JUNIPER", "id": "JSA10785", "trust": 0.3 }, { "db": "VULMON", "id": "CVE-2016-8864", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139496", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139541", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140046", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139461", "trust": 0.1 }, { "db": "ISC", "id": "AA-01440", "trust": 0.1 }, { "db": "ISC", "id": "AA-01441", "trust": 0.1 }, { "db": "ISC", "id": "AA-01466", "trust": 0.1 }, { "db": "ISC", "id": "AA-01439", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "143169", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140943", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140436", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-8864" }, { "db": "BID", "id": "94067" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "PACKETSTORM", "id": "139496" }, { "db": "PACKETSTORM", "id": "139541" }, { "db": "PACKETSTORM", "id": "140046" }, { "db": "PACKETSTORM", "id": "139461" }, { "db": "PACKETSTORM", "id": "143169" }, { "db": "PACKETSTORM", "id": "140943" }, { "db": "PACKETSTORM", "id": "140436" }, { "db": "CNNVD", "id": "CNNVD-201610-898" }, { "db": "NVD", "id": "CVE-2016-8864" } ] }, "id": "VAR-201611-0348", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.44401007833333334 }, "last_update_date": "2024-07-23T21:46:27.318000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure", "trust": 0.8, "url": "https://kb.isc.org/article/aa-01434" }, { "title": "ISC BIND Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65217" }, { "title": "Red Hat: Important: bind security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162615 - security advisory" }, { "title": "Red Hat: Important: bind security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162141 - security advisory" }, { "title": "Red Hat: Important: bind security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162871 - security advisory" }, { "title": "Red Hat: Important: bind97 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162142 - security advisory" }, { "title": "Red Hat: Important: bind security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171583 - security advisory" }, { "title": "Ubuntu Security Notice: bind9 vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3119-1" }, { "title": "Debian Security Advisories: DSA-3703-1 bind9 -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=25170e4c26eb5596b991447b2fe3f73c" }, { "title": "Arch Linux Advisories: [ASA-201611-3] bind: denial of service", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201611-3" }, { "title": "Debian Security Advisories: DSA-3795-1 bind9 -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=e9e51aab92f45f9d888ad1ffc92c4f3d" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2017-3135: Assertion failure when using DNS64 and RPZ can lead to crash", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=81f60d35c70eaa48875e5b7abedb8f93" }, { "title": "Amazon Linux AMI: ALAS-2016-768", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-768" }, { "title": "Red Hat: CVE-2016-8864", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-8864" }, { "title": "Arch Linux Issues: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-8864" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-6170: Improper restriction of zone size limit", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e02ec149f48761d28abbc8f9e7aa9438" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=242cf61148134d5daf6c6f211f3dc7b2" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=203ff59e2f48888eafac702f965368d2" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1b1bb9752a4b7727509a33fc1bcf30af" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=da9e0b6af817aa72c070683e0bb02db7" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=9d0264b02e692c0714293a515e15b50a" }, { "title": "Debian CVElist Bug Report Logs: bind9: CVE-2016-2776: Assertion failure in query processing", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fdfc8fe346679f9224f550ec67083216" }, { "title": "Forcepoint Security Advisories: CVE-2016-8864 BIND Security Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=4a067339d3ba130473f82866197373b9" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591" }, { "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c" }, { "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf" }, { "title": "check_debsecan", "trust": 0.1, "url": "https://github.com/amd1212/check_debsecan " }, { "title": "Vision", "trust": 0.1, "url": "https://github.com/coolervoid/vision " }, { "title": "Vision2", "trust": 0.1, "url": "https://github.com/coolervoid/vision2 " }, { "title": "bind9", "trust": 0.1, "url": "https://github.com/altinners/bind9 " }, { "title": "balabit-os-7-bind9", "trust": 0.1, "url": "https://github.com/balabit-deps/balabit-os-7-bind9 " }, { "title": "os-bind9", "trust": 0.1, "url": "https://github.com/pexip/os-bind9 " }, { "title": "rhsecapi", "trust": 0.1, "url": "https://github.com/redhatofficial/rhsecapi " }, { "title": "cve-pylib", "trust": 0.1, "url": "https://github.com/redhatproductsecurity/cve-pylib " }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2017/04/13/monster_patch_day_for_juniper/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-8864" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "CNNVD", "id": "CNNVD-201610-898" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-617", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 }, { "problemtype": "CWE-20", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "NVD", "id": "CVE-2016-8864" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://kb.isc.org/article/aa-01434" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2016-2871.html" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2016-2615.html" }, { "trust": 1.8, "url": "https://security.gentoo.org/glsa/201701-26" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2017:1583" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2016-2142.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/94067" }, { "trust": 1.7, "url": "https://kb.isc.org/article/aa-01438" }, { "trust": 1.7, "url": "https://kb.isc.org/article/aa-01437" }, { "trust": 1.7, "url": "https://kb.isc.org/article/aa-01436" }, { "trust": 1.7, "url": "https://kb.isc.org/article/aa-01435" }, { "trust": 1.7, "url": "http://www.debian.org/security/2016/dsa-3703" }, { "trust": 1.7, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05381687" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1037156" }, { "trust": 1.7, "url": "https://security.freebsd.org/advisories/freebsd-sa-16:34.bind.asc" }, { "trust": 1.7, "url": "http://rhn.redhat.com/errata/rhsa-2016-2141.html" }, { "trust": 1.7, "url": "https://security.netapp.com/advisory/ntap-20180926-0005/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8864" }, { "trust": 0.8, "url": "https://www.jpcert.or.jp/at/2016/at160044.html" }, { "trust": 0.8, "url": "https://www.nic.ad.jp/ja/topics/2016/20161102-01.html" }, { "trust": 0.8, "url": "https://jprs.jp/tech/security/2016-11-02-bind9-vuln-dname.html" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu92683474/index.html" }, { "trust": 0.8, "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8864" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8864" }, { "trust": 0.4, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05381687" }, { "trust": 0.4, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.4, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.4, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2016-8864" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.4, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.3, "url": "http://www.isc.org/products/bind/" }, { "trust": 0.3, "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35322517.html?sr=59127107" }, { "trust": 0.3, "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10785\u0026cat=sirt_1\u0026actp=list" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024402" }, { "trust": 0.3, "url": "http://aix.software.ibm.com/aix/efixes/security/bind_advisory14.asc" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994505" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9131" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9444" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/617.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2016:2615" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/3119-1/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49560" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.19" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.10" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-10.1ubuntu1.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.2" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-3119-1" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-9147" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-9444" }, { "trust": 0.1, "url": "https://kb.isc.org/article/aa-01441" }, { "trust": 0.1, "url": "https://kb.isc.org/article/aa-01439" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-3137" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-3137" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9147" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-9131" }, { "trust": 0.1, "url": "https://kb.isc.org/article/aa-01440" }, { "trust": 0.1, "url": "https://kb.isc.org/article/aa-01466" }, { "trust": 0.1, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.1, "url": "https://www.hpe.com/info/report-security-vulnerability" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499" }, { "trust": 0.1, "url": "https://h20392.www2.hpe.com/portal/swdepot/displayproductinfo.do?productnumb" }, { "trust": 0.1, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-8864" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-8864" }, { "db": "BID", "id": "94067" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "PACKETSTORM", "id": "139496" }, { "db": "PACKETSTORM", "id": "139541" }, { "db": "PACKETSTORM", "id": "140046" }, { "db": "PACKETSTORM", "id": "139461" }, { "db": "PACKETSTORM", "id": "143169" }, { "db": "PACKETSTORM", "id": "140943" }, { "db": "PACKETSTORM", "id": "140436" }, { "db": "CNNVD", "id": "CNNVD-201610-898" }, { "db": "NVD", "id": "CVE-2016-8864" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2016-8864" }, { "db": "BID", "id": "94067" }, { "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "db": "PACKETSTORM", "id": "139496" }, { "db": "PACKETSTORM", "id": "139541" }, { "db": "PACKETSTORM", "id": "140046" }, { "db": "PACKETSTORM", "id": "139461" }, { "db": "PACKETSTORM", "id": "143169" }, { "db": "PACKETSTORM", "id": "140943" }, { "db": "PACKETSTORM", "id": "140436" }, { "db": "CNNVD", "id": "CNNVD-201610-898" }, { "db": "NVD", "id": "CVE-2016-8864" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-02T00:00:00", "db": "VULMON", "id": "CVE-2016-8864" }, { "date": "2016-11-02T00:00:00", "db": "BID", "id": "94067" }, { "date": "2016-11-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "date": "2016-11-02T20:15:40", "db": "PACKETSTORM", "id": "139496" }, { "date": "2016-11-04T20:10:20", "db": "PACKETSTORM", "id": "139541" }, { "date": "2016-12-06T16:56:18", "db": "PACKETSTORM", "id": "140046" }, { "date": "2016-11-01T22:21:46", "db": "PACKETSTORM", "id": "139461" }, { "date": "2017-06-28T20:19:00", "db": "PACKETSTORM", "id": "143169" }, { "date": "2017-02-06T17:16:00", "db": "PACKETSTORM", "id": "140943" }, { "date": "2017-01-11T18:55:42", "db": "PACKETSTORM", "id": "140436" }, { "date": "2016-11-02T00:00:00", "db": "CNNVD", "id": "CNNVD-201610-898" }, { "date": "2016-11-02T17:59:00.187000", "db": "NVD", "id": "CVE-2016-8864" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-08-17T00:00:00", "db": "VULMON", "id": "CVE-2016-8864" }, { "date": "2017-05-02T03:10:00", "db": "BID", "id": "94067" }, { "date": "2016-11-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005674" }, { "date": "2020-08-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201610-898" }, { "date": "2020-08-17T17:44:23.360000", "db": "NVD", "id": "CVE-2016-8864" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "139496" }, { "db": "PACKETSTORM", "id": "139541" }, { "db": "PACKETSTORM", "id": "140046" }, { "db": "PACKETSTORM", "id": "139461" }, { "db": "PACKETSTORM", "id": "143169" }, { "db": "PACKETSTORM", "id": "140436" }, { "db": "CNNVD", "id": "CNNVD-201610-898" } ], "trust": 1.2 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ISC BIND of DNAME Vulnerability in processing response packets containing records", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005674" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201610-898" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.