[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2016-2848

Date: (C)2016-10-21   (M)2018-01-05 


ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
SECTRACK-1037073
BID-93809
BID-93814
RHSA-2016:2093
RHSA-2016:2094
RHSA-2016:2099
https://bugzilla.redhat.com/show_bug.cgi?id=1385450
https://kb.isc.org/article/AA-01433/74/CVE-2016-2848
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4

CPE    264
cpe:/a:isc:bind:9.7.6:p4
cpe:/a:isc:bind:9.7.6:p3
cpe:/a:isc:bind:9.7.6:p2
cpe:/a:isc:bind:9.7.6:p1
...
CWE    1
CWE-20
OVAL    10
oval:org.secpod.oval:def:501883
oval:org.secpod.oval:def:501885
oval:org.secpod.oval:def:204026
oval:org.secpod.oval:def:204028
...

© 2013 SecPod Technologies