CVE-2016-2776
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-2776
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2776.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-2776
- Related
- Published
- 2016-09-28T10:59:00Z
- Modified
- 2024-09-18T02:24:17.443501Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
- References
-
- http://rhn.redhat.com/errata/RHSA-2016-1944.html
- http://rhn.redhat.com/errata/RHSA-2016-1945.html
- http://rhn.redhat.com/errata/RHSA-2016-2099.html
- https://kb.isc.org/article/AA-01419/0
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:28.bind.asc
- https://security.gentoo.org/glsa/201610-07
- https://security.netapp.com/advisory/ntap-20160930-0001/
- http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.securityfocus.com/bid/93188
- http://www.securitytracker.com/id/1036903
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05321107
- https://kb.isc.org/article/AA-01435
- https://kb.isc.org/article/AA-01436
- https://kb.isc.org/article/AA-01438
- https://www.exploit-db.com/exploits/40453/
- https://security.alpinelinux.org/vuln/CVE-2016-2776
- https://security-tracker.debian.org/tracker/CVE-2016-2776
Affected packages
Alpine:v3.2 / bind
Package
- Name
- bind
- Purl
- pkg:apk/alpine/bind?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.10.4_p3
Affected versions
9.*
9.6.0_p1-r0
9.6.0_p1-r1
9.6.1_p1-r0
9.6.1_p1-r1
9.6.1_p2-r1
9.6.1_p3-r1
9.7.0_p1-r1
9.7.0_p1-r2
9.7.1-r0
9.7.1_p2-r0
9.7.2-r0
9.7.2_p1-r0
9.7.2_p2-r0
9.7.2_p3-r0
9.7.3-r0
9.8.0-r0
9.8.0_p1-r0
9.8.0_p2-r0
9.8.0_p2-r1
9.8.0_p4-r0
9.8.1-r0
9.8.1_p1-r0
9.9.0-r0
9.9.0-r1
9.9.1-r0
9.9.1_p1-r0
9.9.1_p2-r0
9.9.1_p3-r0
9.9.2-r0
9.9.2_p1-r0
9.9.2_p2-r0
9.9.3-r0
9.9.3_p1-r0
9.9.3_p2-r0
9.9.3_p2-r1
9.9.3_p2-r2
9.9.4-r0
9.9.4_p1-r0
9.9.4_p1-r1
9.9.4_p2-r0
9.9.5-r0
9.10.0-r0
9.10.0_p1-r0
9.10.0_p2-r0
9.10.0_p2-r1
9.10.1-r0
9.10.1-r1
9.10.1-r2
9.10.1_p1-r0
9.10.1_p2-r0
9.10.1_p2-r1
9.10.1_p2-r2
9.10.2-r0
9.10.2-r1
9.10.2_p3-r0
9.10.2_p3-r1
9.10.2_p4-r0
9.10.3_p2-r0
9.10.3_p3-r0
9.10.3_p4-r0
9.10.4_p2-r0
Alpine:v3.3 / bind
Package
- Name
- bind
- Purl
- pkg:apk/alpine/bind?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.10.4_p3-r0
Affected versions
9.*
9.6.0_p1-r0
9.6.0_p1-r1
9.6.1_p1-r0
9.6.1_p1-r1
9.6.1_p2-r1
9.6.1_p3-r1
9.7.0_p1-r1
9.7.0_p1-r2
9.7.1-r0
9.7.1_p2-r0
9.7.2-r0
9.7.2_p1-r0
9.7.2_p2-r0
9.7.2_p3-r0
9.7.3-r0
9.8.0-r0
9.8.0_p1-r0
9.8.0_p2-r0
9.8.0_p2-r1
9.8.0_p4-r0
9.8.1-r0
9.8.1_p1-r0
9.9.0-r0
9.9.0-r1
9.9.1-r0
9.9.1_p1-r0
9.9.1_p2-r0
9.9.1_p3-r0
9.9.2-r0
9.9.2_p1-r0
9.9.2_p2-r0
9.9.3-r0
9.9.3_p1-r0
9.9.3_p2-r0
9.9.3_p2-r1
9.9.3_p2-r2
9.9.4-r0
9.9.4_p1-r0
9.9.4_p1-r1
9.9.4_p2-r0
9.9.5-r0
9.10.0-r0
9.10.0_p1-r0
9.10.0_p2-r0
9.10.0_p2-r1
9.10.1-r0
9.10.1-r1
9.10.1-r2
9.10.1_p1-r0
9.10.1_p2-r0
9.10.1_p2-r1
9.10.1_p2-r2
9.10.2-r0
9.10.2-r1
9.10.2_p1-r0
9.10.2_p1-r1
9.10.2_p2-r0
9.10.2_p3-r0
9.10.2_p3-r1
9.10.2_p4-r0
9.10.3-r0
9.10.3-r1
9.10.3_p2-r0
9.10.3_p3-r0
9.10.3_p4-r0
9.10.4_p2-r0
Debian:11 / bind9
Package
- Name
- bind9
- Purl
- pkg:deb/debian/bind9?arch=source
Debian:12 / bind9
Package
- Name
- bind9
- Purl
- pkg:deb/debian/bind9?arch=source
Debian:13 / bind9
Package
- Name
- bind9
- Purl
- pkg:deb/debian/bind9?arch=source
Git / github.com/isc-projects/bind9
Affected ranges
- Type
- GIT
- Repo
- https://github.com/isc-projects/bind9
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
v9.*
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
v9.9.0
v9.9.0rc3
v9.9.0rc4
v9.9.1
v9.9.2b1
v9.9.2rc1
v9.9.3
v9.9.3b1
v9.9.3b2
v9.9.3rc1
v9.9.3rc2
v9.9.4
v9.9.4b1
v9.9.4rc1
v9.9.4rc2
v9.9.5
v9.9.5b1
v9.9.5rc1
v9.9.5rc2
v9.9.6
v9.9.6b1
v9.9.6b2
v9.9.6rc1
v9.9.6rc2
v9.9.7
v9.9.7b1
v9.9.7rc1
v9.9.7rc2
v9.9.8
v9.9.8b1
v9.9.8rc1
v9.9.9
v9.9.9b1
v9.9.9b2
v9.9.9rc1