Published: 09/03/2016 Updated: 01/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.8 | Impact Score: 4 | Exploitability Score: 2.2

VMScore: 385

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

resolver.c in named in ISC BIND 9.10.x prior to 9.10.3-P4, when DNS cookies are enabled, allows remote malicious users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.

Vulnerable Product	Search on Vulmon	Subscribe to Product
isc bind 9.10.3
isc bind 9.10.2
isc bind 9.10.1
isc bind 9.10.0

resolverc in named in ISC BIND 910x before 9103-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option ...

CWE-20 https://kb.isc.org/article/AA-01351 https://kb.isc.org/article/AA-01380 http://www.securityfocus.com/bid/84290 http://www.securitytracker.com/id/1035238 http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html https://security.gentoo.org/glsa/201610-07 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-2088

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-2088

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect