ID

VAR-201611-0348


CVE

CVE-2016-8864


TITLE

ISC BIND of DNAME Vulnerability in processing response packets containing records

Trust: 0.8

sources: JVNDB: JVNDB-2016-005674

DESCRIPTION

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. ISC BIND Is DNAME There is a problem with the response packet containing the record, db.c Or resolver.c so assertion failture ( Violation of representation ) And the result named May end abnormally. (resolver.c so assertion failure If this happens "INSIST((valoptions & 0x0002U) != 0) failed" , db.c so assertion failure If this happens "REQUIRE(targetp != ((void *)0) && *targetp == ((void *)0)) failed" Is displayed. ) According to the developer, 2016 Year 11 Moon 2 No attacks have been observed as of the day, but queries that cause crashes are mentioned on the public mailing list. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. https://cwe.mitre.org/data/definitions/19.htmlService disruption by a remote third party (DoS) An attack may be carried out. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. ISC BIND versions 9.0.x through 9.8.x, 9.9.0 through 9.9.9-P3, 9.9.3-S1 through 9.9.9-S5, 9.10.0 through 9.10.4-P3 and 9.11.0 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2016:2871-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2871.html Issue date: 2016-12-06 CVE Names: CVE-2016-8864 ===================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. (CVE-2016-8864) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) and Marco Davids (SIDN Labs) as the original reporters. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1389652 - CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.9.src.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7): x86_64: bind-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.2): Source: bind-9.7.3-8.P3.el6_2.6.src.rpm x86_64: bind-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-chroot-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-debuginfo-9.7.3-8.P3.el6_2.6.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-libs-9.7.3-8.P3.el6_2.6.i686.rpm bind-libs-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-utils-9.7.3-8.P3.el6_2.6.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.10.src.rpm x86_64: bind-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.7.src.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.7.src.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.9.src.rpm i386: bind-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.i686.rpm ppc64: bind-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm s390x: bind-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.s390x.rpm x86_64: bind-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: bind-9.7.3-8.P3.el6_2.6.src.rpm x86_64: bind-debuginfo-9.7.3-8.P3.el6_2.6.i686.rpm bind-debuginfo-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-devel-9.7.3-8.P3.el6_2.6.i686.rpm bind-devel-9.7.3-8.P3.el6_2.6.x86_64.rpm bind-sdb-9.7.3-8.P3.el6_2.6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.10.src.rpm x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.10.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.10.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.5.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.5.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.6): x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.6): x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.7): i386: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.i686.rpm ppc64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.ppc.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.s390.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.s390x.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-8864 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01434 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYRlsfXlSAg2UNWIIRAmy8AJ9xFyJSMmX2XN+lcWzsNNQT7cfR8QCggVOj KpG5DRbXaKAdrUMg5IeIS+s= =aWJX -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . =========================================================================== Ubuntu Security Notice USN-3119-1 November 01, 2016 bind9 vulnerability =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Bind could be made to crash if it received specially crafted network traffic. Software Description: - bind9: Internet Domain Name Server Details: Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.1 Ubuntu 16.04 LTS: bind9 1:9.10.3.dfsg.P4-8ubuntu1.2 Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.10 Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.19 In general, a standard system update will make all the necessary changes. Bug Fix(es): * ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK) rollover during October 2017. Maintaining an up-to-date KSK is essential for ensuring that validating DNS resolvers continue to function following the rollover. (BZ#1459648) 4. Release Date: 2017-01-27 Last Updated: 2017-01-27 Potential Security Impact: Remote: Denial of Service (DoS) Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create multiple Denial of Services (DoS). - HP-UX BIND B.11.31 - BIND 9.9.4 prior to C.9.9.4.9.0 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2016-8864 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-9131 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-9444 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has provided the following software updates to resolve the vulnerability in the HP-UX BIND service running named. * BIND 9.9.4 for HP-UX Release B.11.31 (PA and IA) * Depot: HP_UX_11.31_HPUX-NameServer_C.9.9.4.9.0_HP-UX_B.11.31_IA_PA.depot Note: The depot files can be found here: <https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=BIND> MANUAL ACTIONS: Yes - Update Download and install the software update PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HPE and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: <https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=B6834AA> The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.31 IA/PA =================== NameService.BIND-AUX NameService.BIND-RUN action: install C.9.9.4.9.0 or subsequent HISTORY Version:1 (rev.1) - 28 January 2017 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Workaround ========== There is no known workaround at this time. Resolution ========== All BIND users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.4_p4" References ========== [ 1 ] CVE-2016-8864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8864 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-26 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . 6) - i386, x86_64 3

Trust: 2.7

sources: NVD: CVE-2016-8864 // JVNDB: JVNDB-2016-005674 // BID: 94067 // VULMON: CVE-2016-8864 // PACKETSTORM: 139496 // PACKETSTORM: 139541 // PACKETSTORM: 140046 // PACKETSTORM: 139461 // PACKETSTORM: 143169 // PACKETSTORM: 140943 // PACKETSTORM: 140436 // PACKETSTORM: 139497

AFFECTED PRODUCTS

vendor:iscmodel:bindscope:eqversion:9.11.0

Trust: 1.8

vendor:iscmodel:bindscope:gteversion:9.0.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.7

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.9

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.4

Trust: 1.0

vendor:iscmodel:bindscope:gteversion:9.10.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.4

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:data ontap edgescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:5.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:6.5

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:5.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.4

Trust: 1.0

vendor:iscmodel:bindscope:ltversion:9.10.4

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:6.7

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.10.4

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.5

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.2

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.7

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.7

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:5.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.2

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:iscmodel:bindscope:ltversion:9.9.9

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.2

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.0.1

Trust: 0.9

vendor:iscmodel:bindscope:eqversion:9.0

Trust: 0.9

vendor:iscmodel:bindscope:lteversion:9.0.x from 9.8.x

Trust: 0.8

vendor:iscmodel:bindscope:lteversion:9.10.0 from 9.10.4-p3

Trust: 0.8

vendor:iscmodel:bindscope:lteversion:9.9.0 from 9.9.9-p3

Trust: 0.8

vendor:iscmodel:bindscope:lteversion:9.9.3-s1 from 9.9.9-s5

Trust: 0.8

vendor:iscmodel:bindscope:eqversion:9.2.4

Trust: 0.6

vendor:iscmodel:bindscope:eqversion:9.0.0

Trust: 0.6

vendor:junipermodel:junos 15.1x49-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d46scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d37scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d36scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.4.4

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.4.3

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.4.6.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.9.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.8.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.7.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.6.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.3

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.2.0

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.10.0

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:hpmodel:hp-ux bind b.11.31scope: - version: -

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:12.1

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip websafescope:eqversion:11.6

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip dnsscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip dnsscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d70scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d45scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d65scope:neversion: -

Trust: 0.3

sources: BID: 94067 // JVNDB: JVNDB-2016-005674 // CNNVD: CNNVD-201610-898 // NVD: CVE-2016-8864

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-8864
value: HIGH

Trust: 1.0

NVD: CVE-2016-8864
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201610-898
value: HIGH

Trust: 0.6

VULMON: CVE-2016-8864
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-8864
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2016-8864
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2016-8864
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2016-8864 // JVNDB: JVNDB-2016-005674 // CNNVD: CNNVD-201610-898 // NVD: CVE-2016-8864

PROBLEMTYPE DATA

problemtype:CWE-617

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2016-005674 // NVD: CVE-2016-8864

THREAT TYPE

remote

Trust: 1.3

sources: PACKETSTORM: 139496 // PACKETSTORM: 139541 // PACKETSTORM: 140046 // PACKETSTORM: 139461 // PACKETSTORM: 143169 // PACKETSTORM: 140436 // PACKETSTORM: 139497 // CNNVD: CNNVD-201610-898

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201610-898

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005674

PATCH

title:CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failureurl:https://kb.isc.org/article/AA-01434

Trust: 0.8

title:ISC BIND Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65217

Trust: 0.6

title:Red Hat: Important: bind security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162615 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162141 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162871 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind97 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162142 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20171583 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: bind9 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3119-1

Trust: 0.1

title:Debian Security Advisories: DSA-3703-1 bind9 -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=25170e4c26eb5596b991447b2fe3f73c

Trust: 0.1

title:Arch Linux Advisories: [ASA-201611-3] bind: denial of serviceurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201611-3

Trust: 0.1

title:Debian Security Advisories: DSA-3795-1 bind9 -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=e9e51aab92f45f9d888ad1ffc92c4f3d

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2017-3135: Assertion failure when using DNS64 and RPZ can lead to crashurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=81f60d35c70eaa48875e5b7abedb8f93

Trust: 0.1

title:Amazon Linux AMI: ALAS-2016-768url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2016-768

Trust: 0.1

title:Red Hat: CVE-2016-8864url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-8864

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2016-8864

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-6170: Improper restriction of zone size limiturl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=e02ec149f48761d28abbc8f9e7aa9438

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failureurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=242cf61148134d5daf6c6f211f3dc7b2

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresdurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=203ff59e2f48888eafac702f965368d2

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failureurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1b1bb9752a4b7727509a33fc1bcf30af

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-9444: An unusually-formed DS record response could cause an assertion failureurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=da9e0b6af817aa72c070683e0bb02db7

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursionurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9d0264b02e692c0714293a515e15b50a

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2016-2776: Assertion failure in query processingurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=fdfc8fe346679f9224f550ec67083216

Trust: 0.1

title:Forcepoint Security Advisories: CVE-2016-8864 BIND Security Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=4a067339d3ba130473f82866197373b9

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=586e6062440cdd312211d748e028164e

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=6839c4d3fd328571c675c335d58b5591

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=21c0efa2643d707e2f50a501209eb75c

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=13f3551b67d913fba90df4b2c0dae0bf

Trust: 0.1

title:check_debsecanurl:https://github.com/AMD1212/check_debsecan

Trust: 0.1

title:Visionurl:https://github.com/CoolerVoid/Vision

Trust: 0.1

title:Vision2url:https://github.com/CoolerVoid/Vision2

Trust: 0.1

title:bind9url:https://github.com/ALTinners/bind9

Trust: 0.1

title:balabit-os-7-bind9url:https://github.com/balabit-deps/balabit-os-7-bind9

Trust: 0.1

title:os-bind9url:https://github.com/pexip/os-bind9

Trust: 0.1

title:rhsecapiurl:https://github.com/RedHatOfficial/rhsecapi

Trust: 0.1

title:cve-pyliburl:https://github.com/RedHatProductSecurity/cve-pylib

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2017/04/13/monster_patch_day_for_juniper/

Trust: 0.1

sources: VULMON: CVE-2016-8864 // JVNDB: JVNDB-2016-005674 // CNNVD: CNNVD-201610-898

EXTERNAL IDS

db:NVDid:CVE-2016-8864

Trust: 3.6

db:ISCid:AA-01434

Trust: 2.5

db:BIDid:94067

Trust: 2.0

db:ISCid:AA-01435

Trust: 1.7

db:ISCid:AA-01437

Trust: 1.7

db:ISCid:AA-01436

Trust: 1.7

db:ISCid:AA-01438

Trust: 1.7

db:SECTRACKid:1037156

Trust: 1.7

db:JVNid:JVNVU92683474

Trust: 0.8

db:JVNDBid:JVNDB-2016-005674

Trust: 0.8

db:CNNVDid:CNNVD-201610-898

Trust: 0.6

db:JUNIPERid:JSA10785

Trust: 0.3

db:VULMONid:CVE-2016-8864

Trust: 0.1

db:PACKETSTORMid:139496

Trust: 0.1

db:PACKETSTORMid:139541

Trust: 0.1

db:PACKETSTORMid:140046

Trust: 0.1

db:PACKETSTORMid:139461

Trust: 0.1

db:ISCid:AA-01440

Trust: 0.1

db:ISCid:AA-01441

Trust: 0.1

db:ISCid:AA-01466

Trust: 0.1

db:ISCid:AA-01439

Trust: 0.1

db:PACKETSTORMid:143169

Trust: 0.1

db:PACKETSTORMid:140943

Trust: 0.1

db:PACKETSTORMid:140436

Trust: 0.1

db:PACKETSTORMid:139497

Trust: 0.1

sources: VULMON: CVE-2016-8864 // BID: 94067 // JVNDB: JVNDB-2016-005674 // PACKETSTORM: 139496 // PACKETSTORM: 139541 // PACKETSTORM: 140046 // PACKETSTORM: 139461 // PACKETSTORM: 143169 // PACKETSTORM: 140943 // PACKETSTORM: 140436 // PACKETSTORM: 139497 // CNNVD: CNNVD-201610-898 // NVD: CVE-2016-8864

REFERENCES

url:https://kb.isc.org/article/aa-01434

Trust: 2.5

url:http://rhn.redhat.com/errata/rhsa-2016-2871.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-2615.html

Trust: 1.8

url:https://security.gentoo.org/glsa/201701-26

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2017:1583

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-2142.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-2141.html

Trust: 1.8

url:http://www.securityfocus.com/bid/94067

Trust: 1.7

url:https://kb.isc.org/article/aa-01438

Trust: 1.7

url:https://kb.isc.org/article/aa-01437

Trust: 1.7

url:https://kb.isc.org/article/aa-01436

Trust: 1.7

url:https://kb.isc.org/article/aa-01435

Trust: 1.7

url:http://www.debian.org/security/2016/dsa-3703

Trust: 1.7

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05381687

Trust: 1.7

url:http://www.securitytracker.com/id/1037156

Trust: 1.7

url:https://security.freebsd.org/advisories/freebsd-sa-16:34.bind.asc

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20180926-0005/

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8864

Trust: 0.8

url:https://www.jpcert.or.jp/at/2016/at160044.html

Trust: 0.8

url:https://www.nic.ad.jp/ja/topics/2016/20161102-01.html

Trust: 0.8

url:https://jprs.jp/tech/security/2016-11-02-bind9-vuln-dname.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu92683474/index.html

Trust: 0.8

url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8864

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-8864

Trust: 0.8

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://bugzilla.redhat.com/):

Trust: 0.5

url:https://access.redhat.com/security/team/key/

Trust: 0.5

url:https://access.redhat.com/articles/11258

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2016-8864

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.5

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05381687

Trust: 0.4

url:http://www.isc.org/products/bind/

Trust: 0.3

url:https://support.f5.com/kb/en-us/solutions/public/k/35/sol35322517.html?sr=59127107

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10785&cat=sirt_1&actp=list

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024402

Trust: 0.3

url:http://aix.software.ibm.com/aix/efixes/security/bind_advisory14.asc

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21994505

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-9131

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-9444

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/617.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2016:2615

Trust: 0.1

url:https://usn.ubuntu.com/3119-1/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=49560

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.19

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.10

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-10.1ubuntu1.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.2

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-3119-1

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-9147

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-9444

Trust: 0.1

url:https://kb.isc.org/article/aa-01441

Trust: 0.1

url:https://kb.isc.org/article/aa-01439

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-3137

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-3137

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9147

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-9131

Trust: 0.1

url:https://kb.isc.org/article/aa-01440

Trust: 0.1

url:https://kb.isc.org/article/aa-01466

Trust: 0.1

url:http://www.hpe.com/support/security_bulletin_archive

Trust: 0.1

url:https://www.hpe.com/info/report-security-vulnerability

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499

Trust: 0.1

url:https://h20392.www2.hpe.com/portal/swdepot/displayproductinfo.do?productnumb

Trust: 0.1

url:http://www.hpe.com/support/subscriber_choice

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-8864

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

sources: VULMON: CVE-2016-8864 // BID: 94067 // JVNDB: JVNDB-2016-005674 // PACKETSTORM: 139496 // PACKETSTORM: 139541 // PACKETSTORM: 140046 // PACKETSTORM: 139461 // PACKETSTORM: 143169 // PACKETSTORM: 140943 // PACKETSTORM: 140436 // PACKETSTORM: 139497 // CNNVD: CNNVD-201610-898 // NVD: CVE-2016-8864

CREDITS

and others, Marco Davids (SIDN Labs),ony Finch (University of Cambridge)

Trust: 0.6

sources: CNNVD: CNNVD-201610-898

SOURCES

db:VULMONid:CVE-2016-8864
db:BIDid:94067
db:JVNDBid:JVNDB-2016-005674
db:PACKETSTORMid:139496
db:PACKETSTORMid:139541
db:PACKETSTORMid:140046
db:PACKETSTORMid:139461
db:PACKETSTORMid:143169
db:PACKETSTORMid:140943
db:PACKETSTORMid:140436
db:PACKETSTORMid:139497
db:CNNVDid:CNNVD-201610-898
db:NVDid:CVE-2016-8864

LAST UPDATE DATE

2024-11-07T21:03:03.539000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2016-8864date:2020-08-17T00:00:00
db:BIDid:94067date:2017-05-02T03:10:00
db:JVNDBid:JVNDB-2016-005674date:2016-11-10T00:00:00
db:CNNVDid:CNNVD-201610-898date:2020-08-18T00:00:00
db:NVDid:CVE-2016-8864date:2020-08-17T17:44:23.360

SOURCES RELEASE DATE

db:VULMONid:CVE-2016-8864date:2016-11-02T00:00:00
db:BIDid:94067date:2016-11-02T00:00:00
db:JVNDBid:JVNDB-2016-005674date:2016-11-02T00:00:00
db:PACKETSTORMid:139496date:2016-11-02T20:15:40
db:PACKETSTORMid:139541date:2016-11-04T20:10:20
db:PACKETSTORMid:140046date:2016-12-06T16:56:18
db:PACKETSTORMid:139461date:2016-11-01T22:21:46
db:PACKETSTORMid:143169date:2017-06-28T20:19:00
db:PACKETSTORMid:140943date:2017-02-06T17:16:00
db:PACKETSTORMid:140436date:2017-01-11T18:55:42
db:PACKETSTORMid:139497date:2016-11-02T20:15:47
db:CNNVDid:CNNVD-201610-898date:2016-11-02T00:00:00
db:NVDid:CVE-2016-8864date:2016-11-02T17:59:00.187