Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-1285

Опубликовано: 09 мар. 2016
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 4.3
CVSS3: 6.8

Описание

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

РелизСтатусПримечание
devel

not-affected

1:9.10.3.dfsg.P4-1
esm-infra-legacy/trusty

not-affected

1:9.9.5.dfsg-3ubuntu0.8
esm-infra/xenial

not-affected

1:9.10.3.dfsg.P4-1
precise

released

1:9.8.1.dfsg.P1-4ubuntu0.16
precise/esm

not-affected

1:9.8.1.dfsg.P1-4ubuntu0.16
trusty

released

1:9.9.5.dfsg-3ubuntu0.8
trusty/esm

not-affected

1:9.9.5.dfsg-3ubuntu0.8
upstream

released

9.9.8-P4, 9.10.3-P4
vivid/stable-phone-overlay

ignored

end of life
vivid/ubuntu-core

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%
0.64255
Средний

4.3 Medium

CVSS2

6.8 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-1285

redhat
больше 9 лет назад

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

nvd логотип

CVE-2016-1285

CVSS3: 6.8
nvd
больше 9 лет назад

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

debian логотип

CVE-2016-1285

CVSS3: 6.8
debian
больше 9 лет назад

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does ...

github логотип

GHSA-g4mp-qjqq-f2f5

CVSS3: 6.8
github
больше 3 лет назад

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

fstec логотип

BDU:2016-00942

fstec
больше 9 лет назад

Уязвимость сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 98%
0.64255
Средний

4.3 Medium

CVSS2

6.8 Medium

CVSS3