Details of VAR-201610-0229

ID

VAR-201610-0229

CVE

CVE-2016-2848

TITLE

ISC BIND 9 Service operation interruption (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005484

DESCRIPTION

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record. ISC BIND 9 There is a service disruption (DoS) Vulnerabilities exist. ISC BIND With a packet containing specially crafted option information assertion failture ( Violation of representation ) There is a vulnerability that causes it. ISC Then 2013 Year 5 We are addressing this vulnerability in a version released in January (#3548) ,Current ISC Version of BIND Is not affected by this vulnerability. #3548 There is a possibility that this vulnerability has not been corrected for products that have been imported and maintained independently prior to the patch application.By processing crafted packets, assertion failure ( Violation of representation ) May cause the product to terminate abnormally. Both authoritative servers and cache servers are affected by this vulnerability. An attacker can exploit this issue to cause denial-of-service condition. NOTE: This BID is being retired as it is a duplicate of BID 93814 (ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability). =========================================================================== Ubuntu Security Notice USN-3108-1 October 21, 2016 bind9 vulnerability =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Bind could be made to crash if it received specially crafted network traffic. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.18 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2016:2099-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2099.html Issue date: 2016-10-25 CVE Names: CVE-2016-2776 CVE-2016-2848 ===================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) * A denial of service flaw was found in the way BIND handled packets with malformed options. (CVE-2016-2848) Red Hat would like to thank ISC for reporting CVE-2016-2776. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1378380 - CVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request 1385450 - CVE-2016-2848 bind: assertion failure triggered by a packet with malformed options 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.6.src.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux HPC Node EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.8.src.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6): x86_64: bind-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7): x86_64: bind-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.2): Source: bind-9.7.3-8.P3.el6_2.5.src.rpm x86_64: bind-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-chroot-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-debuginfo-9.7.3-8.P3.el6_2.5.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-libs-9.7.3-8.P3.el6_2.5.i686.rpm bind-libs-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-utils-9.7.3-8.P3.el6_2.5.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.9.src.rpm x86_64: bind-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.6.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.i686.rpm ppc64: bind-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm s390x: bind-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.s390x.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.8.src.rpm i386: bind-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.i686.rpm ppc64: bind-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm s390x: bind-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.s390x.rpm x86_64: bind-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: bind-9.7.3-8.P3.el6_2.5.src.rpm x86_64: bind-debuginfo-9.7.3-8.P3.el6_2.5.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-devel-9.7.3-8.P3.el6_2.5.i686.rpm bind-devel-9.7.3-8.P3.el6_2.5.x86_64.rpm bind-sdb-9.7.3-8.P3.el6_2.5.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.9.src.rpm x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.9.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.9.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.4.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.4.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.i686.rpm ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.6.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.7): i386: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.i686.rpm ppc64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.ppc.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.s390.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.s390x.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-2776 https://access.redhat.com/security/cve/CVE-2016-2848 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01419 https://kb.isc.org/article/AA-01433 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYDyhNXlSAg2UNWIIRAg3OAKCZJF8wxwppm2XilkPQDl9JCxgrhACgguzk k0FTD0rt6WeBXIEha9Bfv4s= =miy+ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6) - i386, x86_64 3. (CVE-2016-2848) 4

Trust: 2.61

sources: NVD: CVE-2016-2848 // JVNDB: JVNDB-2016-005484 // BID: 93809 // BID: 93814 // VULMON: CVE-2016-2848 // PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289

AFFECTED PRODUCTS

vendor:	isc	model:	bind	scope:	eq	version:	9.6	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.4.3	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.4.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.4	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3.6	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3.5	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3.4	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3.3	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3.2	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.3	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.8	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.7	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.6	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.5	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.4	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.3	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.2	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.2	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.1.3	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.1.2	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.1.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.7.1	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.7.0	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.7.7	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.7.6	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.8.0	Trust: 1.6
vendor:	isc	model:	bind	scope:	eq	version:	9.6.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.9.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.5	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.2.9	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.4.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.4	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.2	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.9.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.3.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.7.3	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.2.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.9.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.8.4	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.5.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.6.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.1.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	lte	version:	9.1.0 from 9.8.4-p2	Trust: 0.8
vendor:	isc	model:	bind	scope:	lte	version:	9.9.0 from 9.9.2-p2	Trust: 0.8
vendor:	isc	model:	bind p3	scope:	eq	version:	9.5.1	Trust: 0.6
vendor:	isc	model:	bind p1	scope:	eq	version:	9.5.1	Trust: 0.6
vendor:	isc	model:	bind a2	scope:	eq	version:	9.5	Trust: 0.6
vendor:	isc	model:	bind a1	scope:	eq	version:	9.5	Trust: 0.6
vendor:	isc	model:	bind p3	scope:	eq	version:	9.4.3	Trust: 0.6
vendor:	isc	model:	bind -p1	scope:	eq	version:	9.4.1	Trust: 0.6
vendor:	isc	model:	bind rc2	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind rc1	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind b4	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind b3	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind b2	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind b1	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind a6	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind a5	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind a4	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind a3	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind a2	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind a1	scope:	eq	version:	9.4	Trust: 0.6
vendor:	isc	model:	bind p1	scope:	eq	version:	9.3.6	Trust: 0.6
vendor:	isc	model:	bind rc3	scope:	eq	version:	9.3.3	Trust: 0.6
vendor:	isc	model:	bind rc2	scope:	eq	version:	9.3.3	Trust: 0.6
vendor:	isc	model:	bind rc1	scope:	eq	version:	9.3.3	Trust: 0.6
vendor:	isc	model:	bind b1	scope:	eq	version:	9.3.3	Trust: 0.6
vendor:	isc	model:	bind -p2	scope:	eq	version:	9.3.2	Trust: 0.6
vendor:	isc	model:	bind -p1	scope:	eq	version:	9.3.2	Trust: 0.6
vendor:	isc	model:	bind rc3	scope:	eq	version:	9.2.7	Trust: 0.6
vendor:	isc	model:	bind rc2	scope:	eq	version:	9.2.7	Trust: 0.6
vendor:	isc	model:	bind rc1	scope:	eq	version:	9.2.7	Trust: 0.6
vendor:	isc	model:	bind b1	scope:	eq	version:	9.2.7	Trust: 0.6
vendor:	isc	model:	bind -p2	scope:	eq	version:	9.2.6	Trust: 0.6
vendor:	isc	model:	bind -p1	scope:	eq	version:	9.2.6	Trust: 0.6
vendor:	isc	model:	bind 9.7.1-p2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind p1	scope:	eq	version:	9.7.1	Trust: 0.6
vendor:	isc	model:	bind p2	scope:	eq	version:	9.7.0	Trust: 0.6
vendor:	isc	model:	bind 9.6.1-p3	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.6.1-p2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.6.0-p1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.2-p2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.2-p1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.1b1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0b2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0b1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0a7	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0a6	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0a5	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0a4	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0a3	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0-p2-w2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0-p2-w1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.5.0-p2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.3b2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.3-p5	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.3-p4	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.3-p1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.2-p2-w2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.2-p2-w1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.4.2-p2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.3.5-p2-w2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.3.5-p2-w1	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind 9.3.5-p2	scope:	-	version:	-	Trust: 0.6
vendor:	isc	model:	bind b	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.3	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	2.3.0	Trust: 0.3
vendor:	f5	model:	big-ip wom hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip psm hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip asm hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.3.0	Trust: 0.3
vendor:	f5	model:	big-ip apm hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	3.1.0.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.24	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip apm hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.1.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fi	scope:	eq	version:	2.2.0.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip afm hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip wom hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip apm hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.1.0	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.2	Trust: 0.3
vendor:	f5	model:	big-ip pem hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip aam hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.36	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.4.0	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.3	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2.0.4	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip apm hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.3.0	Trust: 0.3
vendor:	f5	model:	big-ip psm hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.44	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.1.0	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.0	Trust: 0.3
vendor:	ibm	model:	netezza host management	scope:	eq	version:	5.4.6.0	Trust: 0.3
vendor:	f5	model:	big-ip psm hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.46	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	2.4.0	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.34	Trust: 0.3
vendor:	ibm	model:	aix	scope:	eq	version:	7.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fix pack	scope:	eq	version:	2.26	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	ibm	model:	netezza host management	scope:	eq	version:	5.4.3	Trust: 0.3
vendor:	f5	model:	big-ip wom hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	ibm	model:	netezza host management	scope:	eq	version:	5.4.4	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.2	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fi	scope:	eq	version:	2.4.0.4	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.3.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	2.2	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip pem hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fp	scope:	eq	version:	3.2.0.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf6	scope:	eq	version:	11.3	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1.0.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf2	scope:	eq	version:	11.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry	scope:	eq	version:	3.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	ibm	model:	smartcloud entry appliance fi	scope:	eq	version:	2.3.0.4	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf8	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf8	scope:	eq	version:	11.2	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.2	Trust: 0.3

sources: BID: 93809 // BID: 93814 // JVNDB: JVNDB-2016-005484 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-2848
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-2848
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201610-690
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2016-2848
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-2848
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2016-2848
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULMON: CVE-2016-2848 // JVNDB: JVNDB-2016-005484 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2016-005484 // NVD: CVE-2016-2848

THREAT TYPE

remote

Trust: 1.0

sources: PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289 // CNNVD: CNNVD-201610-690

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.6

sources: BID: 93809 // BID: 93814

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005484

PATCH

title:	3548. [bug] The NSID request code in resolver.c was broken	url:	https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4	Trust: 0.8
title:	CVE-2016-2848: A packet with malformed options can trigger an assertion failure in ISC BIND versions released prior to May 2013 and in packages derived from releases prior to that date.	url:	https://kb.isc.org/article/AA-01433	Trust: 0.8
title:	Bug 1385450	url:	https://bugzilla.redhat.com/show_bug.cgi?id=1385450	Trust: 0.8
title:	CVE-2016-2848	url:	https://access.redhat.com/security/cve/CVE-2016-2848	Trust: 0.8
title:	ISC BIND Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65056	Trust: 0.6
title:	Red Hat: Important: bind security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162093 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: bind97 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162094 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: bind security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162099 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: bind9 vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3108-1	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2016-758	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2016-758	Trust: 0.1
title:	Debian CVElist Bug Report Logs: bind9: CVE-2016-2848: A packet with malformed options can trigger an assertion failure	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=dd4f6f8da1fe3001ac04ce05d33ac6e0	Trust: 0.1
title:	Red Hat: CVE-2016-2848	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-2848	Trust: 0.1
title:	Forcepoint Security Advisories: CVE-2016-2848 BIND Security Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=fdc65b9c6a029ced678ecf39e7b80710	Trust: 0.1
title:	Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=21c0efa2643d707e2f50a501209eb75c	Trust: 0.1
title:	Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=13f3551b67d913fba90df4b2c0dae0bf	Trust: 0.1
title:	Vision	url:	https://github.com/CoolerVoid/Vision	Trust: 0.1
title:	Vision2	url:	https://github.com/CoolerVoid/Vision2	Trust: 0.1

sources: VULMON: CVE-2016-2848 // JVNDB: JVNDB-2016-005484 // CNNVD: CNNVD-201610-690

EXTERNAL IDS

db:	NVD	id:	CVE-2016-2848	Trust: 3.2
db:	ISC	id:	AA-01433	Trust: 2.0
db:	BID	id:	93809	Trust: 1.4
db:	BID	id:	93814	Trust: 1.4
db:	SECTRACK	id:	1037073	Trust: 1.1
db:	JVN	id:	JVNVU95603997	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-005484	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-690	Trust: 0.6
db:	VULMON	id:	CVE-2016-2848	Trust: 0.1
db:	PACKETSTORM	id:	139290	Trust: 0.1
db:	ISC	id:	AA-01419	Trust: 0.1
db:	PACKETSTORM	id:	139327	Trust: 0.1
db:	PACKETSTORM	id:	139288	Trust: 0.1
db:	PACKETSTORM	id:	139289	Trust: 0.1

sources: VULMON: CVE-2016-2848 // BID: 93809 // BID: 93814 // JVNDB: JVNDB-2016-005484 // PACKETSTORM: 139290 // PACKETSTORM: 139327 // PACKETSTORM: 139288 // PACKETSTORM: 139289 // CNNVD: CNNVD-201610-690 // NVD: CVE-2016-2848

REFERENCES

url:	https://kb.isc.org/article/aa-01433/74/cve-2016-2848	Trust: 2.0
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1385450	Trust: 2.0
url:	http://www.securityfocus.com/bid/93814	Trust: 1.2
url:	http://rhn.redhat.com/errata/rhsa-2016-2099.html	Trust: 1.2
url:	http://rhn.redhat.com/errata/rhsa-2016-2094.html	Trust: 1.2
url:	http://rhn.redhat.com/errata/rhsa-2016-2093.html	Trust: 1.2
url:	http://www.securityfocus.com/bid/93809	Trust: 1.1
url:	http://www.securitytracker.com/id/1037073	Trust: 1.1
url:	https://security.netapp.com/advisory/ntap-20180926-0005/	Trust: 1.1
url:	https://security.netapp.com/advisory/ntap-20180926-0002/	Trust: 1.1
url:	https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git%3ba=commit%3bh=4adf97c32fcca7d00e5756607fd045f2aab9c3d4	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2848	Trust: 0.8
url:	https://www.nic.ad.jp/ja/topics/2016/20161021-01.html	Trust: 0.8
url:	https://jprs.jp/tech/security/2016-10-21-bind9-vuln-malformed-options.html	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu95603997/index.html	Trust: 0.8
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2848	Trust: 0.8
url:	https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=4adf97c32fcca7d00e5756607fd045f2aab9c3d4	Trust: 0.7
url:	http://www.isc.org/products/bind/	Trust: 0.6
url:	https://kb.isc.org/article/aa-01433	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2016-2848	Trust: 0.4
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1024649	Trust: 0.3
url:	http://aix.software.ibm.com/aix/efixes/security/bind_advisory14.asc	Trust: 0.3
url:	https://support.f5.com/kb/en-us/solutions/public/k/01/sol01471335.html?sr=59127075	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21994231	Trust: 0.3
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2016-2848	Trust: 0.3
url:	https://bugzilla.redhat.com/):	Trust: 0.3
url:	https://access.redhat.com/security/team/key/	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://access.redhat.com/security/team/contact/	Trust: 0.3
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2016:2093	Trust: 0.1
url:	https://usn.ubuntu.com/3108-1/	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=49378	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.18	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-3108-1	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-2776	Trust: 0.1
url:	https://kb.isc.org/article/aa-01419	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-2776	Trust: 0.1

CREDITS

Toshifumi Sakaguchi.

Trust: 0.3

sources: BID: 93809

SOURCES

db:	VULMON	id:	CVE-2016-2848
db:	BID	id:	93809
db:	BID	id:	93814
db:	JVNDB	id:	JVNDB-2016-005484
db:	PACKETSTORM	id:	139290
db:	PACKETSTORM	id:	139327
db:	PACKETSTORM	id:	139288
db:	PACKETSTORM	id:	139289
db:	CNNVD	id:	CNNVD-201610-690
db:	NVD	id:	CVE-2016-2848

LAST UPDATE DATE

2024-08-14T13:10:04.371000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2016-2848	date:	2018-09-27T00:00:00
db:	BID	id:	93809	date:	2016-10-26T01:16:00
db:	BID	id:	93814	date:	2017-03-07T04:01:00
db:	JVNDB	id:	JVNDB-2016-005484	date:	2016-10-24T00:00:00
db:	CNNVD	id:	CNNVD-201610-690	date:	2016-10-24T00:00:00
db:	NVD	id:	CVE-2016-2848	date:	2023-11-07T02:32:05.353

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2016-2848	date:	2016-10-21T00:00:00
db:	BID	id:	93809	date:	2016-10-20T00:00:00
db:	BID	id:	93814	date:	2016-10-20T00:00:00
db:	JVNDB	id:	JVNDB-2016-005484	date:	2016-10-21T00:00:00
db:	PACKETSTORM	id:	139290	date:	2016-10-21T15:52:28
db:	PACKETSTORM	id:	139327	date:	2016-10-25T14:25:24
db:	PACKETSTORM	id:	139288	date:	2016-10-21T15:52:12
db:	PACKETSTORM	id:	139289	date:	2016-10-21T15:52:18
db:	CNNVD	id:	CNNVD-201610-690	date:	2016-10-24T00:00:00
db:	NVD	id:	CVE-2016-2848	date:	2016-10-21T10:59:00.177