CVE Vulnerabilities

CVE-2016-1286

Published: Mar 09, 2016 | Modified: Nov 30, 2023
CVSS 3.x
8.6
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
5 IMPORTANT
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
MEDIUM

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

Affected Software

Name Vendor Start Version End Version
Bind Isc 9.0.0 (including) 9.9.8 (excluding)
Bind Isc 9.10.0 (including) 9.10.3 (excluding)
Bind Isc 9.9.8 (including) 9.9.8 (including)
Bind Isc 9.9.8-p2 (including) 9.9.8-p2 (including)
Bind Isc 9.9.8-p3 (including) 9.9.8-p3 (including)
Bind Isc 9.9.8-rc1 (including) 9.9.8-rc1 (including)
Bind Isc 9.10.3 (including) 9.10.3 (including)
Bind Isc 9.10.3-beta1 (including) 9.10.3-beta1 (including)
Bind Isc 9.10.3-p1 (including) 9.10.3-p1 (including)
Bind Isc 9.10.3-p2 (including) 9.10.3-p2 (including)
Bind Isc 9.10.3-p3 (including) 9.10.3-p3 (including)
Bind Isc 9.10.3-rc1 (including) 9.10.3-rc1 (including)
Red Hat Enterprise Linux 5 RedHat bind97-32:9.7.0-21.P2.el5_11.6 *
Red Hat Enterprise Linux 5 RedHat bind-30:9.3.6-25.P1.el5_11.8 *
Red Hat Enterprise Linux 6 RedHat bind-32:9.8.2-0.37.rc1.el6_7.7 *
Red Hat Enterprise Linux 6.2 Advanced Update Support RedHat bind-32:9.7.3-8.P3.el6_2.4 *
Red Hat Enterprise Linux 6.4 Advanced Update Support RedHat bind-32:9.8.2-0.17.rc1.el6_4.8 *
Red Hat Enterprise Linux 6.5 Advanced Update Support RedHat bind-32:9.8.2-0.23.rc1.el6_5.3 *
Red Hat Enterprise Linux 6.6 Extended Update Support RedHat bind-32:9.8.2-0.30.rc1.el6_6.5 *
Red Hat Enterprise Linux 7 RedHat bind-32:9.9.4-29.el7_2.3 *
Bind9 Ubuntu precise *
Bind9 Ubuntu trusty *
Bind9 Ubuntu upstream *
Bind9 Ubuntu vivid/stable-phone-overlay *
Bind9 Ubuntu vivid/ubuntu-core *
Bind9 Ubuntu wily *

References