Vulnerability CVE-2016-2776: Information
Description
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
bind | sisyphus | 9.9.8-alt4 | 9.18.26-alt1 | ALT-PU-2016-2031-1 | 170052 | Fixed |
bind | p10 | 9.9.8-alt4 | 9.16.48-alt1 | ALT-PU-2016-2031-1 | 170052 | Fixed |
bind | p9 | 9.9.8-alt4 | 9.11.37-alt1 | ALT-PU-2016-2031-1 | 170052 | Fixed |
bind | p8 | 9.9.8-alt4 | 9.10.8.P1-alt4 | ALT-PU-2016-2033-1 | 170059 | Fixed |
bind | c10f1 | 9.9.8-alt4 | 9.16.48-alt0.c10f2.1 | ALT-PU-2016-2031-1 | 170052 | Fixed |
bind | c9f2 | 9.9.8-alt4 | 9.11.37-alt1 | ALT-PU-2016-2031-1 | 170052 | Fixed |
bind | c7 | 9.9.3-alt3.M70C.1 | 9.9.9-alt1.M70C.1 | ALT-PU-2016-2045-1 | 170058 | Fixed |