ID

VAR-201610-0229


CVE

CVE-2016-2848


TITLE

ISC BIND 9 Service operation interruption (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005484

DESCRIPTION

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record. ISC BIND 9 There is a service disruption (DoS) Vulnerabilities exist. ISC BIND With a packet containing specially crafted option information assertion failture ( Violation of representation ) There is a vulnerability that causes it. ISC Then 2013 Year 5 We are addressing this vulnerability in a version released in January (#3548) ,Current ISC Version of BIND Is not affected by this vulnerability. #3548 There is a possibility that this vulnerability has not been corrected for products that have been imported and maintained independently prior to the patch application.By processing crafted packets, assertion failure ( Violation of representation ) May cause the product to terminate abnormally. Both authoritative servers and cache servers are affected by this vulnerability. An attacker can exploit this issue to cause denial-of-service condition. NOTE: This BID is being retired as it is a duplicate of BID 93814 (ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability). =========================================================================== Ubuntu Security Notice USN-3108-1 October 21, 2016 bind9 vulnerability =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Bind could be made to crash if it received specially crafted network traffic. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.18 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2016:2099-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2099.html Issue date: 2016-10-25 CVE Names: CVE-2016-2776 CVE-2016-2848 ===================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) * A denial of service flaw was found in the way BIND handled packets with malformed options. (CVE-2016-2848) Red Hat would like to thank ISC for reporting CVE-2016-2776. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1378380 - CVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request 1385450 - CVE-2016-2848 bind: assertion failure triggered by a packet with malformed options 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.6.src.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux HPC Node EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.8.src.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6): x86_64: bind-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7): x86_64: bind-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.2): Source: bind-9.7.3-8.P3.el6_2.5.src.rpm x86_64: bind-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-chroot-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-debuginfo-9.7.3-8.P3.el6_2.5.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-libs-9.7.3-8.P3.el6_2.5.i686.rpm bind-libs-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-utils-9.7.3-8.P3.el6_2.5.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.9.src.rpm x86_64: bind-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.6.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.i686.rpm ppc64: bind-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm s390x: bind-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.s390x.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.8.src.rpm i386: bind-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.i686.rpm ppc64: bind-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm s390x: bind-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.s390x.rpm x86_64: bind-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: bind-9.7.3-8.P3.el6_2.5.src.rpm x86_64: bind-debuginfo-9.7.3-8.P3.el6_2.5.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-devel-9.7.3-8.P3.el6_2.5.i686.rpm bind-devel-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-sdb-9.7.3-8.P3.el6_2.5.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.9.src.rpm x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.i686.rpm ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.7): i386: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.i686.rpm ppc64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-2776 https://access.redhat.com/security/cve/CVE-2016-2848 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01419 https://kb.isc.org/article/AA-01433 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYDyhNXlSAg2UNWIIRAg3OAKCZJF8wxwppm2XilkPQDl9JCxgrhACgguzk k0FTD0rt6WeBXIEha9Bfv4s= =miy+ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64 3. (CVE-2016-2848) 4

Trust: 2.61

sources: NVD: CVE-2016-2848 // JVNDB: JVNDB-2016-005484 // BID: 93809 // BID: 93814 // VULMON: CVE-2016-2848 // PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289

AFFECTED PRODUCTS

vendor:iscmodel:bindscope:eqversion:9.6

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.4.3

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.4.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.4

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3.6

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3.5

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3.4

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3.3

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3.2

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.3

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.8

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.7

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.6

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.5

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.4

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.3

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.2

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.2

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.1.3

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.1.2

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.1.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.0

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.7

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.6

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.8.0

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.6.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.5.1

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.4.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.5

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.3

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.6.3

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.2.9

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.4.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.4

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.5.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.1

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.5.3

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.5

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.6.1

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.3.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.3

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.2.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.1

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.8.4

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.5.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.6.0

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.1.0

Trust: 1.0

vendor:iscmodel:bindscope:lteversion:9.1.0 from 9.8.4-p2

Trust: 0.8

vendor:iscmodel:bindscope:lteversion:9.9.0 from 9.9.2-p2

Trust: 0.8

vendor:iscmodel:bind p3scope:eqversion:9.5.1

Trust: 0.6

vendor:iscmodel:bind p1scope:eqversion:9.5.1

Trust: 0.6

vendor:iscmodel:bind a2scope:eqversion:9.5

Trust: 0.6

vendor:iscmodel:bind a1scope:eqversion:9.5

Trust: 0.6

vendor:iscmodel:bind p3scope:eqversion:9.4.3

Trust: 0.6

vendor:iscmodel:bind -p1scope:eqversion:9.4.1

Trust: 0.6

vendor:iscmodel:bind rc2scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind rc1scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind b4scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind b3scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind b2scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind b1scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind a6scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind a5scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind a4scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind a3scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind a2scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind a1scope:eqversion:9.4

Trust: 0.6

vendor:iscmodel:bind p1scope:eqversion:9.3.6

Trust: 0.6

vendor:iscmodel:bind rc3scope:eqversion:9.3.3

Trust: 0.6

vendor:iscmodel:bind rc2scope:eqversion:9.3.3

Trust: 0.6

vendor:iscmodel:bind rc1scope:eqversion:9.3.3

Trust: 0.6

vendor:iscmodel:bind b1scope:eqversion:9.3.3

Trust: 0.6

vendor:iscmodel:bind -p2scope:eqversion:9.3.2

Trust: 0.6

vendor:iscmodel:bind -p1scope:eqversion:9.3.2

Trust: 0.6

vendor:iscmodel:bind rc3scope:eqversion:9.2.7

Trust: 0.6

vendor:iscmodel:bind rc2scope:eqversion:9.2.7

Trust: 0.6

vendor:iscmodel:bind rc1scope:eqversion:9.2.7

Trust: 0.6

vendor:iscmodel:bind b1scope:eqversion:9.2.7

Trust: 0.6

vendor:iscmodel:bind -p2scope:eqversion:9.2.6

Trust: 0.6

vendor:iscmodel:bind -p1scope:eqversion:9.2.6

Trust: 0.6

vendor:iscmodel:bind 9.7.1-p2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind p1scope:eqversion:9.7.1

Trust: 0.6

vendor:iscmodel:bind p2scope:eqversion:9.7.0

Trust: 0.6

vendor:iscmodel:bind 9.6.1-p3scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.6.1-p2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.6.0-p1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.2-p2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.2-p1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.1b1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0b2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0b1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0a7scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0a6scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0a5scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0a4scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0a3scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0-p2-w2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0-p2-w1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.5.0-p2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.3b2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.3-p5scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.3-p4scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.3-p1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.2-p2-w2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.2-p2-w1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.4.2-p2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.3.5-p2-w2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.3.5-p2-w1scope: - version: -

Trust: 0.6

vendor:iscmodel:bind 9.3.5-p2scope: - version: -

Trust: 0.6

vendor:iscmodel:bind bscope:eqversion:9.3.3

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip link controller hf2scope:eqversion:11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.3

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip asm hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf8scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.3.0

Trust: 0.3

vendor:f5model:big-ip wom hf8scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psm hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip asm hf8scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip apm hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.1.0.4

Trust: 0.3

vendor:f5model:big-ip ltm hf8scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip link controller hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.24

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apm hf8scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.1.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip link controller hf8scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.2.0.4

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip afm hf2scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip gtm hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip wom hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.1.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf8scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.2

Trust: 0.3

vendor:f5model:big-ip pem hf2scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip aam hf2scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.36

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip apm hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip gtm hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asm hf6scope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.44

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.1.0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.4.6.0

Trust: 0.3

vendor:f5model:big-ip psm hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf8scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.46

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.4.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.34

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.26

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.4.3

Trust: 0.3

vendor:f5model:big-ip wom hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.4.4

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.4.0.4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltm hf6scope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip afm hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip pem hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.2.0.4

Trust: 0.3

vendor:f5model:big-ip ltm hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf6scope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.1.0

Trust: 0.3

vendor:f5model:big-ip analytics hf6scope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip gtm hf2scope:eqversion:11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.3.0.4

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controller hf8scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf8scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2

Trust: 0.3

sources: BID: 93809 // BID: 93814 // JVNDB: JVNDB-2016-005484 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-2848
value: HIGH

Trust: 1.0

NVD: CVE-2016-2848
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201610-690
value: MEDIUM

Trust: 0.6

VULMON: CVE-2016-2848
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-2848
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2016-2848
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2016-2848 // JVNDB: JVNDB-2016-005484 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2016-005484 // NVD: CVE-2016-2848

THREAT TYPE

remote

Trust: 1.0

sources: PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289 // CNNVD: CNNVD-201610-690

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.6

sources: BID: 93809 // BID: 93814

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005484

PATCH

title:3548. [bug] The NSID request code in resolver.c was brokenurl:https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4

Trust: 0.8

title:CVE-2016-2848: A packet with malformed options can trigger an assertion failure in ISC BIND versions released prior to May 2013 and in packages derived from releases prior to that date.url:https://kb.isc.org/article/AA-01433

Trust: 0.8

title:Bug 1385450url:https://bugzilla.redhat.com/show_bug.cgi?id=1385450

Trust: 0.8

title:CVE-2016-2848url:https://access.redhat.com/security/cve/CVE-2016-2848

Trust: 0.8

title:ISC BIND Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65056

Trust: 0.6

title:Red Hat: Important: bind security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162093 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind97 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162094 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162099 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: bind9 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3108-1

Trust: 0.1

title:Amazon Linux AMI: ALAS-2016-758url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2016-758

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-2848: A packet with malformed options can trigger an assertion failureurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=dd4f6f8da1fe3001ac04ce05d33ac6e0

Trust: 0.1

title:Red Hat: CVE-2016-2848url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-2848

Trust: 0.1

title:Forcepoint Security Advisories: CVE-2016-2848 BIND Security Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=fdc65b9c6a029ced678ecf39e7b80710

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=21c0efa2643d707e2f50a501209eb75c

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=13f3551b67d913fba90df4b2c0dae0bf

Trust: 0.1

title:Visionurl:https://github.com/CoolerVoid/Vision

Trust: 0.1

title:Vision2url:https://github.com/CoolerVoid/Vision2

Trust: 0.1

sources: VULMON: CVE-2016-2848 // JVNDB: JVNDB-2016-005484 // CNNVD: CNNVD-201610-690

EXTERNAL IDS

db:NVDid:CVE-2016-2848

Trust: 3.2

db:ISCid:AA-01433

Trust: 2.0

db:BIDid:93809

Trust: 1.4

db:BIDid:93814

Trust: 1.4

db:SECTRACKid:1037073

Trust: 1.1

db:JVNid:JVNVU95603997

Trust: 0.8

db:JVNDBid:JVNDB-2016-005484

Trust: 0.8

db:CNNVDid:CNNVD-201610-690

Trust: 0.6

db:VULMONid:CVE-2016-2848

Trust: 0.1

db:PACKETSTORMid:139290

Trust: 0.1

db:ISCid:AA-01419

Trust: 0.1

db:PACKETSTORMid:139327

Trust: 0.1

db:PACKETSTORMid:139288

Trust: 0.1

db:PACKETSTORMid:139289

Trust: 0.1

sources: VULMON: CVE-2016-2848 // BID: 93809 // BID: 93814 // JVNDB: JVNDB-2016-005484 // PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

REFERENCES

url:https://kb.isc.org/article/aa-01433/74/cve-2016-2848

Trust: 2.0

url:https://bugzilla.redhat.com/show_bug.cgi?id=1385450

Trust: 2.0

url:http://www.securityfocus.com/bid/93814

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-2099.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-2094.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-2093.html

Trust: 1.2

url:http://www.securityfocus.com/bid/93809

Trust: 1.1

url:http://www.securitytracker.com/id/1037073

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20180926-0005/

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20180926-0002/

Trust: 1.1

url:https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git%3ba=commit%3bh=4adf97c32fcca7d00e5756607fd045f2aab9c3d4

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2848

Trust: 0.8

url:https://www.nic.ad.jp/ja/topics/2016/20161021-01.html

Trust: 0.8

url:https://jprs.jp/tech/security/2016-10-21-bind9-vuln-malformed-options.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu95603997/index.html

Trust: 0.8

url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2848

Trust: 0.8

url:https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4

Trust: 0.7

url:http://www.isc.org/products/bind/

Trust: 0.6

url:https://kb.isc.org/article/aa-01433

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-2848

Trust: 0.4

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024649

Trust: 0.3

url:http://aix.software.ibm.com/aix/efixes/security/bind_advisory14.asc

Trust: 0.3

url:https://support.f5.com/kb/en-us/solutions/public/k/01/sol01471335.html?sr=59127075

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21994231

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2016-2848

Trust: 0.3

url:https://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2016:2093

Trust: 0.1

url:https://usn.ubuntu.com/3108-1/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=49378

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.18

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-3108-1

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-2776

Trust: 0.1

url:https://kb.isc.org/article/aa-01419

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2776

Trust: 0.1

sources: VULMON: CVE-2016-2848 // BID: 93809 // BID: 93814 // JVNDB: JVNDB-2016-005484 // PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

CREDITS

Toshifumi Sakaguchi.

Trust: 0.3

sources: BID: 93809

SOURCES

db:VULMONid:CVE-2016-2848
db:BIDid:93809
db:BIDid:93814
db:JVNDBid:JVNDB-2016-005484
db:PACKETSTORMid:139290
db:PACKETSTORMid:139327
db:PACKETSTORMid:139288
db:PACKETSTORMid:139289
db:CNNVDid:CNNVD-201610-690
db:NVDid:CVE-2016-2848

LAST UPDATE DATE

2024-08-14T13:10:04.371000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2016-2848date:2018-09-27T00:00:00
db:BIDid:93809date:2016-10-26T01:16:00
db:BIDid:93814date:2017-03-07T04:01:00
db:JVNDBid:JVNDB-2016-005484date:2016-10-24T00:00:00
db:CNNVDid:CNNVD-201610-690date:2016-10-24T00:00:00
db:NVDid:CVE-2016-2848date:2023-11-07T02:32:05.353

SOURCES RELEASE DATE

db:VULMONid:CVE-2016-2848date:2016-10-21T00:00:00
db:BIDid:93809date:2016-10-20T00:00:00
db:BIDid:93814date:2016-10-20T00:00:00
db:JVNDBid:JVNDB-2016-005484date:2016-10-21T00:00:00
db:PACKETSTORMid:139290date:2016-10-21T15:52:28
db:PACKETSTORMid:139327date:2016-10-25T14:25:24
db:PACKETSTORMid:139288date:2016-10-21T15:52:12
db:PACKETSTORMid:139289date:2016-10-21T15:52:18
db:CNNVDid:CNNVD-201610-690date:2016-10-24T00:00:00
db:NVDid:CVE-2016-2848date:2016-10-21T10:59:00.177