CVE-2016-2776

HIGH

Description

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

ID	Name	Product	Family	Severity
124936	EulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433)	Nessus	Huawei Local Security Checks	high
121700	Photon OS 1.0: Bindutils PHSA-2017-0021	Nessus	PhotonOS Local Security Checks	high
111870	Photon OS 1.0: Bindutils / Krb5 / Ruby / Sudo / Zlib PHSA-2017-0021 (deprecated)	Nessus	PhotonOS Local Security Checks	high
102125	AIX bind Advisory : bind_advisory13.asc (IV89828) (IV89829) (IV89830) (IV89831) (IV90056)	Nessus	AIX Local Security Checks	high
99569	OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)	Nessus	OracleVM Local Security Checks	critical
97416	EulerOS 2.0 SP1 : bind (EulerOS-SA-2016-1052)	Nessus	Huawei Local Security Checks	high
9875	ISC BIND 9.x < 9.9.9-P3 / 9.9.9-S5 / 9.10.4-P3 / 9.11.0-P1 DoS	Nessus Network Monitor	DNS Servers	high
95939	F5 Networks BIG-IP : BIND vulnerability (K18829561)	Nessus	F5 Networks Local Security Checks	high
94884	Fedora 25 : bind99 (2016-f6e4e66202)	Nessus	Fedora Local Security Checks	high
94821	Fedora 25 : 32:bind (2016-76bd94ca9e)	Nessus	Fedora Local Security Checks	high
94265	RHEL 6 : bind (RHSA-2016:2099)	Nessus	Red Hat Local Security Checks	high
94237	Fedora 23 : bind99 (2016-cbef6c8619)	Nessus	Fedora Local Security Checks	high
94236	Fedora 23 : 32:bind (2016-3af8b344f1)	Nessus	Fedora Local Security Checks	high
93994	GLSA-201610-07 : BIND: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
93888	Fedora 24 : bind99 (2016-cca77daf70)	Nessus	Fedora Local Security Checks	high
93878	Fedora 24 : 32:bind (2016-2d9825f7c1)	Nessus	Fedora Local Security Checks	high
93868	Debian DLA-645-1 : bind9 security update	Nessus	Debian Local Security Checks	high
93865	ISC BIND 9.9.x < 9.9.9-P3 / 9.10.x < 9.10.4-P3 / 9.11.x < 9.11.0rc3 buffer.c Query Response DoS	Nessus	DNS	high
93797	Scientific Linux Security Update : bind on SL5.x, SL6.x, SL7.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
93796	Scientific Linux Security Update : bind97 on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
93793	OracleVM 3.2 : bind (OVMSA-2016-0137)	Nessus	OracleVM Local Security Checks	high
93792	OracleVM 3.3 / 3.4 : bind (OVMSA-2016-0136)	Nessus	OracleVM Local Security Checks	high
93791	Oracle Linux 5 : bind97 (ELSA-2016-1945)	Nessus	Oracle Linux Local Security Checks	high
93790	Oracle Linux 5 / 6 / 7 : bind (ELSA-2016-1944)	Nessus	Oracle Linux Local Security Checks	high
93789	Amazon Linux AMI : bind (ALAS-2016-751)	Nessus	Amazon Linux Local Security Checks	high
93785	RHEL 5 : bind97 (RHSA-2016:1945)	Nessus	Red Hat Local Security Checks	high
93784	RHEL 5 / 6 / 7 : bind (RHSA-2016:1944)	Nessus	Red Hat Local Security Checks	high
93782	openSUSE Security Update : bind (openSUSE-2016-1133)	Nessus	SuSE Local Security Checks	high
93781	FreeBSD : BIND -- Remote Denial of Service vulnerability (c8d902b1-8550-11e6-81e7-d050996490d0)	Nessus	FreeBSD Local Security Checks	high
93780	CentOS 5 : bind97 (CESA-2016:1945)	Nessus	CentOS Local Security Checks	high
93779	CentOS 5 / 6 / 7 : bind (CESA-2016:1944)	Nessus	CentOS Local Security Checks	high
93773	Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : bind9 vulnerability (USN-3088-1)	Nessus	Ubuntu Local Security Checks	high
93772	SUSE SLES11 Security Update : bind (SUSE-SU-2016:2405-1)	Nessus	SuSE Local Security Checks	high
93770	SUSE SLES12 Security Update : bind (SUSE-SU-2016:2401-1)	Nessus	SuSE Local Security Checks	high
93769	SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2016:2399-1)	Nessus	SuSE Local Security Checks	high
93748	Debian DSA-3680-1 : bind9 - security update	Nessus	Debian Local Security Checks	high
93742	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2016-271-01)	Nessus	Slackware Local Security Checks	high

CVE-2016-2776

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0