It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2016-9131)
It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2016-9147)
It was discovered that Bind incorrectly handled certain malformed DS record responses. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9444)
{ "binaries": [ { "binary_name": "bind9", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "bind9-host", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "bind9utils", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "dnsutils", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "host", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "libbind-dev", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "libbind9-90", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "libdns100", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "libisc95", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "libisccc90", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "libisccfg90", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "liblwres90", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" }, { "binary_name": "lwresd", "binary_version": "1:9.9.5.dfsg-3ubuntu0.11" } ], "availability": "No subscription required" }
{ "ecosystem": "Ubuntu:14.04:LTS", "cves": [ { "id": "CVE-2016-9131", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2016-9147", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2016-9444", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ] }
{ "binaries": [ { "binary_name": "bind9", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "bind9-host", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "bind9utils", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "dnsutils", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "host", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libbind-dev", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libbind-export-dev", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libbind9-140", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libdns-export162", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libdns162", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libirs-export141", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libirs141", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libisc-export160", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libisc160", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libisccc-export140", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libisccc140", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libisccfg-export140", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "libisccfg140", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "liblwres141", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" }, { "binary_name": "lwresd", "binary_version": "1:9.10.3.dfsg.P4-8ubuntu1.4" } ], "availability": "No subscription required" }
{ "ecosystem": "Ubuntu:16.04:LTS", "cves": [ { "id": "CVE-2016-9131", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2016-9147", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2016-9444", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ] }