Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-6170

Опубликовано: 06 июл. 2016
Источник: debian
EPSS Средний

Описание

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
bind9fixed1:9.10.6+dfsg-1package

Примечания

  • Not fixed upstream, proposed patches below are unofficial:

  • Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.10.3-xfer-limit-0.0.1.patch

  • Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.9.9-P1-xfer-limit-0.0.1.patch

  • Negligible security impact

EPSS

Процентиль: 94%
0.1302
Средний

Связанные уязвимости

ubuntu логотип

CVE-2016-6170

CVSS3: 6.5
ubuntu
больше 9 лет назад

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

redhat логотип

CVE-2016-6170

CVSS3: 6.5
redhat
больше 9 лет назад

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

nvd логотип

CVE-2016-6170

CVSS3: 6.5
nvd
больше 9 лет назад

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

github логотип

GHSA-r98f-r8h7-rj5p

CVSS3: 6.5
github
больше 3 лет назад

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

suse-cvrf логотип

openSUSE-SU-2017:1063-1

suse-cvrf
почти 9 лет назад

Security update for bind

EPSS

Процентиль: 94%
0.1302
Средний