CVE-2016-9444

Published: 12/01/2017 Updated: 27/09/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

named in ISC BIND 9.x prior to 9.9.9-P5, 9.10.x prior to 9.10.4-P5, and 9.11.x prior to 9.11.0-P2 allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.

Vulnerable Product

isc bind 9.11.0

isc bind 9.10.4

isc bind 9.0.0

isc bind 9.1.1

isc bind 9.1.3

isc bind 9.10.0

isc bind 9.10.1

isc bind 9.10.2

isc bind 9.10.3

isc bind 9.2.0

isc bind 9.2.2

isc bind 9.2.4

isc bind 9.2.5

isc bind 9.2.8

isc bind 9.2.9

isc bind 9.3.0

isc bind 9.3.2

isc bind 9.3.3

isc bind 9.3.5

isc bind 9.3.6

isc bind 9.4

isc bind 9.4.0

isc bind 9.0.1

isc bind 9.1

isc bind 9.2

isc bind 9.2.1

isc bind 9.2.3

isc bind 9.2.7

isc bind 9.3.1

isc bind 9.3.4

isc bind 9.4.2

isc bind 9.4.3

isc bind 9.5.0

isc bind 9.5.1

isc bind 9.5.2

isc bind 9.6

isc bind 9.6.0

isc bind 9.6.1

isc bind 9.6.2

isc bind 9.6.3

isc bind 9.7.0

isc bind 9.7.1

isc bind 9.7.2

isc bind 9.7.3

isc bind 9.7.4

isc bind 9.7.5

isc bind 9.7.6

isc bind 9.9.8

isc bind 9.9.9

isc bind 9.8.0

isc bind 9.0

isc bind 9.2.6

isc bind 9.3

isc bind 9.4.1

isc bind 9.5

isc bind 9.7.7

isc bind 9.8.1

isc bind 9.1.0

isc bind 9.1.2

isc bind 9.5.3

Vendor Advisories

Synopsis: Important: bind security update. Type/Severity: Security Advisory: Important. Topic: An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis: Important: bind security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for bind is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability S ...
Several security issues were fixed in Bind ...
Debian Bug report logs - #830810 bind9: CVE-2016-6170: Improper restriction of zone size limit Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Mon, 11 Jul 2016 19:03:01 UTC Severity: important Tags: fixed-upstre ...
Debian Bug report logs - #851062 bind9: CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 11 Jan 2017 21:27:01 UTC Severi ...
Debian Bug report logs - #831796 bind9: CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 19 Jul 2016 14:00:06 UTC Severi ...
Debian Bug report logs - #851065 bind9: CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 11 Jan 2017 21:30:0 ...
Debian Bug report logs - #839010 bind9: CVE-2016-2776: Assertion failure in query processing Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Source for bind9 is src:bind9 (PTS, buildd, popcon) Reported by: Florian Weimer <fw@deneb.enyo.de> Date: Tue, 27 Sep 2016 17:21:02 UTC Se ...
Debian Bug report logs - #842858 bind9: CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 1 Nov 2016 20:0 ...
Debian Bug report logs - #851063 bind9: CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date ...
A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response ...

Github Repositories

USNParser Requirements: python 360 beautifulsoup4 453 urllib3 1191 Installation: First, install Python for Windows from www.python.org/downloads/ Add the installation folder and the Scripts folder beneath it to Path Path=C:\Users\murakamiryo\AppData\Local\Programs\Python\Python36-32;C:\Users\murakamiryo\AppData\Local\Programs\Pyt

Recent Articles

Monster patch day for Juniper customers
The Register • Richard Chirgwin • 13 Apr 2017

Nine advisories landed today

Clear the diaries, Juniper sysadmins, a van-load of patches landed today. I suggest you join me in getting a coffee and settling in while we go through the list. The security fixes cover six fixes to Junos, one for the company’s EX Series switches, BIND fixes for SRX, vSRX and J-Series units, and multiple fixes for the NorthStar controller. Ready? Let’s go. BIND: Junos OS on SRX, vSRX and J-Series has been upgraded to tick the boxes on five vulnerabilities. All four CVEs (CVE-2016-2776, CVE-...

ISC squishes BIND packet-of-death bugs
The Register • Richard Chirgwin • 13 Jan 2017

DNS servers are crashable until they're patched

BIND administrators, get patching: there are three irritating flaws you need to splat. The denial-of-service vulnerabilities in question are CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444. Common to all three is that they're exploitable denial-of-service bugs that predominantly affect BIND-based DNS servers running in recursive mode (that is, if the DNS server doesn't have an answer locally, it passes the query upstream). In CVE-2016-9131, if a BIND recursive server can be crashed by a malforme...