CVE-2016-6170

Published: 06/07/2016 Updated: 25/08/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 360
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Vulnerability Summary

ISC BIND up to and including 9.9.9-P1, 9.10.x up to and including 9.10.4-P1, and 9.11.x up to and including 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response, and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

Vulnerable Product

isc bind

isc bind 9.9.9

isc bind 9.10.4

isc bind 9.11.0

redhat enterprise linux 5.0

redhat enterprise linux 6.0

redhat enterprise linux 7.0

Vendor Advisories

Several security issues were fixed in Bind ...
Debian Bug report logs - #830810 bind9: CVE-2016-6170: Improper restriction of zone size limit Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 11 Jul 2016 19:03:01 UTC Severity: important Tags: fixed-upstre ...
Debian Bug report logs - #851062 bind9: CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 11 Jan 2017 21:27:01 UTC Severi ...
Debian Bug report logs - #831796 bind9: CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 19 Jul 2016 14:00:06 UTC Severi ...
Debian Bug report logs - #851065 bind9: CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 11 Jan 2017 21:30:0 ...
Debian Bug report logs - #839010 bind9: CVE-2016-2776: Assertion failure in query processing Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Source for bind9 is src:bind9 (PTS, buildd, popcon) Reported by: Florian Weimer <fw@deneb.enyo.de> Date: Tue, 27 Sep 2016 17:21:02 UTC Se ...
Debian Bug report logs - #842858 bind9: CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 1 Nov 2016 20:0 ...
Debian Bug report logs - #851063 bind9: CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date ...
It was found that bind does not implement reasonable restrictions for zone sizes. This allows an explicitly configured primary DNS server for a zone to crash a secondary DNS server, affecting service of other zones hosted on the same secondary server ...