Vulnerability CVE-2016-8864: Information

Description

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-8864

Published: Nov. 2, 2016

Modified: Aug. 17, 2020

Error type identifier: CWE-617

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
bind	sisyphus	9.9.8-alt5	9.18.26-alt1	ALT-PU-2016-2242-1	171730	Fixed
bind	p10	9.9.8-alt5	9.16.48-alt1	ALT-PU-2016-2242-1	171730	Fixed
bind	p9	9.9.8-alt5	9.11.37-alt1	ALT-PU-2016-2242-1	171730	Fixed
bind	p8	9.9.8-alt5	9.10.8.P1-alt4	ALT-PU-2016-2245-1	171877	Fixed
bind	c10f1	9.9.8-alt5	9.16.48-alt0.c10f2.1	ALT-PU-2016-2242-1	171730	Fixed
bind	c9f2	9.9.8-alt5	9.11.37-alt1	ALT-PU-2016-2242-1	171730	Fixed
bind	c7	9.9.8-alt4.M70C.1	9.9.9-alt1.M70C.1	ALT-PU-2016-2260-1	171748	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://kb.isc.org/article/AA-01434	Vendor Advisory
94067	Third Party Advisory VDB Entry
https://kb.isc.org/article/AA-01438	Broken Link
https://kb.isc.org/article/AA-01437	Broken Link
https://kb.isc.org/article/AA-01436	Broken Link
https://kb.isc.org/article/AA-01435	Broken Link
DSA-3703	Third Party Advisory
RHSA-2016:2871	Third Party Advisory
RHSA-2016:2615	Third Party Advisory
GLSA-201701-26	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687	Third Party Advisory
1037156	Third Party Advisory VDB Entry
FreeBSD-SA-16:34	Third Party Advisory
RHSA-2017:1583	Third Party Advisory
RHSA-2016:2142	Third Party Advisory
RHSA-2016:2141	Third Party Advisory
https://security.netapp.com/advisory/ntap-20180926-0005/	Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.9.9:p2:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
  Start including
  9.10.0
  End excliding
  9.10.4
  cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.9.9:beta1:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.9.9:beta2:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
  Start including
  9.0.0
  End excliding
  9.9.9
  cpe:2.3:a:isc:bind:9.10.4:-:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.10.4:beta1:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.10.4:beta2:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.10.4:beta3:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:-:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:alpha1:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:alpha2:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:alpha3:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:beta1:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:beta2:*:*:*:*:*:*
  cpe:2.3:a:isc:bind:9.11.0:beta3:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
  cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Version: v24.5.0

Vulnerability CVE-2016-8864: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4