[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3758-1 bind9 -- bind9

ID: oval:org.secpod.oval:def:602735Date: (C)2017-01-12   (M)2023-12-20
Class: PATCHFamily: unix




Several denial-of-service vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause an assertion failure. CVE-2016-9444 Specially-crafted upstream responses with a DS record could cause an assertion failure. These vulnerabilities predominantly affect DNS servers providing recursive service. Client queries to authoritative-only servers cannot trigger these assertion failures. These vulnerabilities are present whether or not DNSSEC validation is enabled in the server configuration.

Platform:
Debian 8.x
Product:
bind9
Reference:
DSA-3758-1
CVE-2016-9131
CVE-2016-9147
CVE-2016-9444
CVE    3
CVE-2016-9147
CVE-2016-9444
CVE-2016-9131
CPE    2
cpe:/a:isc:bind9
cpe:/o:debian:debian_linux:8.x

© SecPod Technologies