Vulnerabilities > CVE-2016-2776 - Improper Input Validation vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
oracle
isc
hp
CWE-20
nessus
exploit available
metasploit

Summary

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Server Side Include (SSI) Injection
    An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Command Line Execution through SQL Injection
    An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.

Exploit-Db

descriptionBind 9 DNS Server - Denial of Service. CVE-2016-2776. Dos exploit for Multiple platform
fileexploits/multiple/dos/40453.py
idEDB-ID:40453
last seen2016-10-04
modified2016-10-04
platformmultiple
port53
published2016-10-04
reporterInfobyte
sourcehttps://www.exploit-db.com/download/40453/
titleBind 9 DNS Server - Denial of Service
typedos

Metasploit

descriptionA defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria. This assertion can be triggered even if the apparent source address isn't allowed to make queries.
idMSF:AUXILIARY/DOS/DNS/BIND_TSIG
last seen2020-06-10
modified2020-05-28
published2017-08-26
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/dns/bind_tsig.rb
titleBIND TSIG Query Denial of Service

Nessus

  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0021.NASL
    descriptionAn update of [zlib,bindutils,ruby,krb5,sudo] packages for PhotonOS has been released.
    last seen2019-02-21
    modified2019-02-07
    plugin id111870
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111870
    titlePhoton OS 1.0: Bindutils / Krb5 / Ruby / Sudo / Zlib PHSA-2017-0021 (deprecated)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2/7/2019
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2017-0021. The text
    # itself is copyright (C) VMware, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(111870);
      script_version("1.3");
      script_cvs_date("Date: 2019/04/05 23:25:07");
    
      script_cve_id(
        "CVE-2016-2776",
        "CVE-2016-3120",
        "CVE-2016-9841",
        "CVE-2016-9843",
        "CVE-2016-1000368",
        "CVE-2017-9224",
        "CVE-2017-9225",
        "CVE-2017-9227",
        "CVE-2017-9229",
        "CVE-2017-1000367",
        "CVE-2017-1000368"
      );
    
      script_name(english:"Photon OS 1.0: Bindutils / Krb5 / Ruby / Sudo / Zlib PHSA-2017-0021 (deprecated)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "This plugin has been deprecated.");
      script_set_attribute(attribute:"description", value:
    "An update of [zlib,bindutils,ruby,krb5,sudo] packages for PhotonOS has
    been released.");
      # https://github.com/vmware/photon/wiki/Security-Updates-51
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?11072ed6");
      script_set_attribute(attribute:"solution", value:"n/a.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-2776");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/06/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:bindutils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:krb5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:ruby");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:sudo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated.");
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    pkgs = [
      "bindutils-9.10.4-2.ph1",
      "bindutils-debuginfo-9.10.4-2.ph1",
      "krb5-1.14-6.ph1",
      "krb5-debuginfo-1.14-6.ph1",
      "ruby-2.4.0-3.ph1",
      "ruby-debuginfo-2.4.0-3.ph1",
      "sudo-1.8.20p2-1.ph1",
      "sudo-debuginfo-1.8.20p2-1.ph1",
      "zlib-1.2.8-5.ph1",
      "zlib-debuginfo-1.2.8-5.ph1",
      "zlib-devel-1.2.8-5.ph1"
    ];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"PhotonOS-1.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bindutils / krb5 / ruby / sudo / zlib");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1944.NASL
    descriptionAn update for bind is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93784
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93784
    titleRHEL 5 / 6 / 7 : bind (RHSA-2016:1944)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0021_BINDUTILS.NASL
    descriptionAn update of the bindutils package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id121700
    published2019-02-07
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121700
    titlePhoton OS 1.0: Bindutils PHSA-2017-0021
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1052.NASL
    descriptionAccording to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.(CVE-2016-2775) - buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.(CVE-2016-2776) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2017-02-27
    plugin id97416
    published2017-02-27
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97416
    titleEulerOS 2.0 SP1 : bind (EulerOS-SA-2016-1052)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-751.NASL
    descriptionA denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
    last seen2020-06-01
    modified2020-06-02
    plugin id93789
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93789
    titleAmazon Linux AMI : bind (ALAS-2016-751)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0137.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2016-2776)
    last seen2020-06-01
    modified2020-06-02
    plugin id93793
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93793
    titleOracleVM 3.2 : bind (OVMSA-2016-0137)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2016-271-01.NASL
    descriptionNew bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93742
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93742
    titleSlackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2016-271-01)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160928_BIND_ON_SL5_X.NASL
    descriptionSecurity Fix(es) : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776)
    last seen2020-03-18
    modified2016-09-29
    plugin id93797
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93797
    titleScientific Linux Security Update : bind on SL5.x, SL6.x, SL7.x i386/x86_64 (20160928)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV90056.NASL
    descriptionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote attacker could exploit this vulnerability to make named exit unexpectedly with an assertion failure. ISC BIND is vulnerable to a denial of service, caused by an error when lwresd or the named lwres option is enabled. By sending an overly long request, a remote attacker could exploit this vulnerability to cause the daemon to crash. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory13.nasl (plugin id 102125).
    last seen2017-10-29
    modified2017-08-03
    plugin id94968
    published2016-11-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=94968
    titleAIX 5.3 TL 12 : bind (IV90056) (deprecated)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-1945.NASL
    descriptionFrom Red Hat Security Advisory 2016:1945 : An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93791
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93791
    titleOracle Linux 5 : bind97 (ELSA-2016-1945)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3088-1.NASL
    descriptionIt was discovered that Bind incorrectly handled building responses to certain specially crafted requests. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93773
    published2016-09-28
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93773
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : bind9 vulnerability (USN-3088-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-F6E4E66202.NASL
    descriptionUpdate to the latest upstream version due to CVE-2016-2776 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94884
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94884
    titleFedora 25 : bind99 (2016-f6e4e66202)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0021_KRB5.NASL
    descriptionAn update of the krb5 package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121701
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121701
    titlePhoton OS 1.0: Krb5 PHSA-2017-0021
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_C8D902B1855011E681E7D050996490D0.NASL
    descriptionISC reports : Testing by ISC has uncovered a critical error condition which can occur when a nameserver is constructing a response. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria.
    last seen2020-06-01
    modified2020-06-02
    plugin id93781
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93781
    titleFreeBSD : BIND -- Remote Denial of Service vulnerability (c8d902b1-8550-11e6-81e7-d050996490d0)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-645.NASL
    descriptionCVE-2016-2775 lwresd crash with long query name Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232. CVE-2016-2776 assertion failure due to unspecified crafted query Fix based on 43139-9-9.patch from ISC. For Debian 7
    last seen2020-03-17
    modified2016-10-06
    plugin id93868
    published2016-10-06
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/93868
    titleDebian DLA-645-1 : bind9 security update
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-1944.NASL
    descriptionFrom Red Hat Security Advisory 2016:1944 : An update for bind is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93790
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93790
    titleOracle Linux 5 / 6 / 7 : bind (ELSA-2016-1944)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160928_BIND97_ON_SL5_X.NASL
    descriptionSecurity Fix(es) : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776)
    last seen2020-03-18
    modified2016-09-29
    plugin id93796
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93796
    titleScientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20160928)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2405-1.NASL
    descriptionThe nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93772
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93772
    titleSUSE SLES11 Security Update : bind (SUSE-SU-2016:2405-1)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV89829.NASL
    descriptionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote attacker could exploit this vulnerability to make named exit unexpectedly with an assertion failure. ISC BIND is vulnerable to a denial of service, caused by an error when lwresd or the named lwres option is enabled. By sending an overly long request, a remote attacker could exploit this vulnerability to cause the daemon to crash. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory13.nasl (plugin id 102125).
    last seen2017-10-29
    modified2017-08-03
    plugin id94965
    published2016-11-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=94965
    titleAIX 7.1 TL 4 : bind (IV89829) (deprecated)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-CBEF6C8619.NASL
    descriptionUpdate to the latest upstream version due to CVE-2016-2776 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-25
    plugin id94237
    published2016-10-25
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94237
    titleFedora 23 : bind99 (2016-cbef6c8619)
  • NASL familyAIX Local Security Checks
    NASL idAIX_BIND_ADVISORY13.NASL
    descriptionThe version of bind installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists due to an error in the lightweight resolver (lwres) protocol implementation when resolving a query name that, when combined with a search list entry, exceeds the maximum allowable length. An unauthenticated, remote attacker can exploit this to cause a segmentation fault, resulting in a denial of service condition. This issue occurs when lwresd or the the named
    last seen2020-06-01
    modified2020-06-02
    plugin id102125
    published2017-08-03
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/102125
    titleAIX bind Advisory : bind_advisory13.asc (IV89828) (IV89829) (IV89830) (IV89831) (IV90056)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV89831.NASL
    descriptionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote attacker could exploit this vulnerability to make named exit unexpectedly with an assertion failure. ISC BIND is vulnerable to a denial of service, caused by an error when lwresd or the named lwres option is enabled. By sending an overly long request, a remote attacker could exploit this vulnerability to cause the daemon to crash. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory13.nasl (plugin id 102125).
    last seen2017-10-29
    modified2017-08-03
    plugin id94967
    published2016-11-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=94967
    titleAIX 7.2 TL 0 : bind (IV89831) (deprecated)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0136.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2016-2776) - Updated named.ca hints file to the latest version (#1267991) - Fix excessive queries caused by DS chasing with stub zones when DNSSEC is not used (#1227189) - Added the fixed tarball with configuration to Sources (Related: #1223359) - Don
    last seen2020-06-01
    modified2020-06-02
    plugin id93792
    published2016-09-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93792
    titleOracleVM 3.3 / 3.4 : bind (OVMSA-2016-0136)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201610-07.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201610-07 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service condition through multiple attack vectors. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id93994
    published2016-10-12
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93994
    titleGLSA-201610-07 : BIND: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2401-1.NASL
    descriptionThe nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93770
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93770
    titleSUSE SLES12 Security Update : bind (SUSE-SU-2016:2401-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-3AF8B344F1.NASL
    descriptionUpdate to latest upstream version due to CVE-2016-2776 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-25
    plugin id94236
    published2016-10-25
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94236
    titleFedora 23 : 32:bind (2016-3af8b344f1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1133.NASL
    descriptionThe nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen2020-06-05
    modified2016-09-28
    plugin id93782
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93782
    titleopenSUSE Security Update : bind (openSUSE-2016-1133)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2099.NASL
    descriptionAn update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) * A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet. (CVE-2016-2848) Red Hat would like to thank ISC for reporting CVE-2016-2776.
    last seen2020-06-01
    modified2020-06-02
    plugin id94265
    published2016-10-26
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94265
    titleRHEL 6 : bind (RHSA-2016:2099)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-2D9825F7C1.NASL
    descriptionUpdate to latest upstream version due to CVE-2016-2776 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-06
    plugin id93878
    published2016-10-06
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93878
    titleFedora 24 : 32:bind (2016-2d9825f7c1)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2020-0021.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details.
    last seen2020-06-10
    modified2020-06-05
    plugin id137170
    published2020-06-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137170
    titleOracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-1945.NASL
    descriptionAn update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93780
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93780
    titleCentOS 5 : bind97 (CESA-2016:1945)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1945.NASL
    descriptionAn update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93785
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93785
    titleRHEL 5 : bind97 (RHSA-2016:1945)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-1944.NASL
    descriptionAn update for bind is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id93779
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93779
    titleCentOS 5 / 6 / 7 : bind (CESA-2016:1944)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV89830.NASL
    descriptionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote attacker could exploit this vulnerability to make named exit unexpectedly with an assertion failure. ISC BIND is vulnerable to a denial of service, caused by an error when lwresd or the named lwres option is enabled. By sending an overly long request, a remote attacker could exploit this vulnerability to cause the daemon to crash. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory13.nasl (plugin id 102125).
    last seen2017-10-29
    modified2017-08-03
    plugin id94966
    published2016-11-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=94966
    titleAIX 7.1 TL 3 : bind (IV89830) (deprecated)
  • NASL familyDNS
    NASL idBIND9_9104_P3.NASL
    descriptionAccording to its self-reported version number, the version of ISC BIND running on the remote name server is 9.9.x prior to 9.9.9-P3, 9.10.x prior to 9.10.4-P3, or 9.11.x prior to 9.11.0rc3. It is, therefore, affected by a denial of service vulnerability within file buffer.c due to improper construction of responses to crafted requests. An unauthenticated, remote attacker can exploit this, via a specially crafted query, to cause an assertion failure, resulting in a daemon exit.
    last seen2020-06-01
    modified2020-06-02
    plugin id93865
    published2016-10-05
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/93865
    titleISC BIND 9.9.x < 9.9.9-P3 / 9.10.x < 9.10.4-P3 / 9.11.x < 9.11.0rc3 buffer.c Query Response DoS
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV89828.NASL
    descriptionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776 ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a specifically constructed request. By sending a specially crafted DNS packet, a remote attacker could exploit this vulnerability to make named exit unexpectedly with an assertion failure. ISC BIND is vulnerable to a denial of service, caused by an error when lwresd or the named lwres option is enabled. By sending an overly long request, a remote attacker could exploit this vulnerability to cause the daemon to crash. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin aix_bind_advisory13.nasl (plugin id 102125).
    last seen2017-10-29
    modified2017-08-03
    plugin id94964
    published2016-11-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=94964
    titleAIX 6.1 TL 9 : bind (IV89828) (deprecated)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2017-0066.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen2020-06-01
    modified2020-06-02
    plugin id99569
    published2017-04-21
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99569
    titleOracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-76BD94CA9E.NASL
    descriptionUpdate to latest upstream version due to CVE-2016-2776 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94821
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94821
    titleFedora 25 : 32:bind (2016-76bd94ca9e)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1433.NASL
    descriptionAccording to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.(CVE-2016-2776) - A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash.(CVE-2016-1285) - A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND (functioning as a DNS resolver with DNSSEC validation enabled) resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.(CVE-2015-4620) - A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet.(CVE-2015-5477) - A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.(CVE-2014-0591) - A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash.(CVE-2015-5722) - It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or named when using the
    last seen2020-06-01
    modified2020-06-02
    plugin id124936
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124936
    titleEulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2399-1.NASL
    descriptionThe nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93769
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93769
    titleSUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2016:2399-1)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL18829561.NASL
    descriptionTesting by ISC has uncovered a critical error condition which can occur when a nameserver is constructing a response. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria.This assertion can be triggered even if the apparent source address isn
    last seen2020-06-01
    modified2020-06-02
    plugin id95939
    published2016-12-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95939
    titleF5 Networks BIG-IP : BIND vulnerability (K18829561)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-CCA77DAF70.NASL
    descriptionUpdate to the latest upstream version due to CVE-2016-2776 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-06
    plugin id93888
    published2016-10-06
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93888
    titleFedora 24 : bind99 (2016-cca77daf70)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3680.NASL
    descriptionTwo vulnerabilities were reported in BIND, a DNS server. - CVE-2016-2775 The lwresd component in BIND (which is not enabled by default) could crash while processing an overlong request name. This could lead to a denial of service. - CVE-2016-2776 A crafted query could crash the BIND name server daemon, leading to a denial of service. All server roles (authoritative, recursive and forwarding) in default configurations are affected.
    last seen2020-06-01
    modified2020-06-02
    plugin id93748
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93748
    titleDebian DSA-3680-1 : bind9 - security update

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/138960/bind9dns-dos.txt
idPACKETSTORM:138960
last seen2016-12-05
published2016-10-04
reporterMartin Rocha
sourcehttps://packetstormsecurity.com/files/138960/BIND-9-DNS-Server-Denial-Of-Service.html
titleBIND 9 DNS Server Denial Of Service

Redhat

advisories
  • bugzilla
    id1378380
    titleCVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentcaching-nameserver is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944001
          • commentcaching-nameserver is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057004
        • AND
          • commentbind-sdb is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944003
          • commentbind-sdb is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057010
        • AND
          • commentbind-libbind-devel is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944005
          • commentbind-libbind-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057006
        • AND
          • commentbind-utils is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944007
          • commentbind-utils is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057014
        • AND
          • commentbind is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944009
          • commentbind is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057016
        • AND
          • commentbind-libs is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944011
          • commentbind-libs is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057002
        • AND
          • commentbind-devel is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944013
          • commentbind-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057012
        • AND
          • commentbind-chroot is earlier than 30:9.3.6-25.P1.el5_11.9
            ovaloval:com.redhat.rhsa:tst:20161944015
          • commentbind-chroot is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070057008
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentbind-libs is earlier than 32:9.8.2-0.47.rc1.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20161944018
          • commentbind-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651010
        • AND
          • commentbind-utils is earlier than 32:9.8.2-0.47.rc1.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20161944020
          • commentbind-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651012
        • AND
          • commentbind-chroot is earlier than 32:9.8.2-0.47.rc1.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20161944022
          • commentbind-chroot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651008
        • AND
          • commentbind is earlier than 32:9.8.2-0.47.rc1.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20161944024
          • commentbind is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651006
        • AND
          • commentbind-sdb is earlier than 32:9.8.2-0.47.rc1.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20161944026
          • commentbind-sdb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651002
        • AND
          • commentbind-devel is earlier than 32:9.8.2-0.47.rc1.el6_8.1
            ovaloval:com.redhat.rhsa:tst:20161944028
          • commentbind-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651004
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentbind-license is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944031
          • commentbind-license is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767022
        • AND
          • commentbind-utils is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944033
          • commentbind-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651012
        • AND
          • commentbind-libs-lite is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944034
          • commentbind-libs-lite is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767024
        • AND
          • commentbind-libs is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944036
          • commentbind-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651010
        • AND
          • commentbind is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944037
          • commentbind is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651006
        • AND
          • commentbind-chroot is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944038
          • commentbind-chroot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651008
        • AND
          • commentbind-pkcs11-utils is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944039
          • commentbind-pkcs11-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767014
        • AND
          • commentbind-pkcs11-libs is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944041
          • commentbind-pkcs11-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767006
        • AND
          • commentbind-pkcs11 is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944043
          • commentbind-pkcs11 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767020
        • AND
          • commentbind-lite-devel is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944045
          • commentbind-lite-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767016
        • AND
          • commentbind-sdb-chroot is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944047
          • commentbind-sdb-chroot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767018
        • AND
          • commentbind-pkcs11-devel is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944049
          • commentbind-pkcs11-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20171767004
        • AND
          • commentbind-devel is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944051
          • commentbind-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651004
        • AND
          • commentbind-sdb is earlier than 32:9.9.4-29.el7_2.4
            ovaloval:com.redhat.rhsa:tst:20161944052
          • commentbind-sdb is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20170651002
    rhsa
    idRHSA-2016:1944
    released2016-09-28
    severityImportant
    titleRHSA-2016:1944: bind security update (Important)
  • bugzilla
    id1378380
    titleCVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentbind97-utils is earlier than 32:9.7.0-21.P2.el5_11.7
            ovaloval:com.redhat.rhsa:tst:20161945001
          • commentbind97-utils is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20110845004
        • AND
          • commentbind97-devel is earlier than 32:9.7.0-21.P2.el5_11.7
            ovaloval:com.redhat.rhsa:tst:20161945003
          • commentbind97-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20110845006
        • AND
          • commentbind97-chroot is earlier than 32:9.7.0-21.P2.el5_11.7
            ovaloval:com.redhat.rhsa:tst:20161945005
          • commentbind97-chroot is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20110845010
        • AND
          • commentbind97-libs is earlier than 32:9.7.0-21.P2.el5_11.7
            ovaloval:com.redhat.rhsa:tst:20161945007
          • commentbind97-libs is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20110845008
        • AND
          • commentbind97 is earlier than 32:9.7.0-21.P2.el5_11.7
            ovaloval:com.redhat.rhsa:tst:20161945009
          • commentbind97 is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20110845002
    rhsa
    idRHSA-2016:1945
    released2016-09-28
    severityImportant
    titleRHSA-2016:1945: bind97 security update (Important)
  • rhsa
    idRHSA-2016:2099
rpms
  • bind-30:9.3.6-25.P1.el5_11.9
  • bind-32:9.8.2-0.47.rc1.el6_8.1
  • bind-32:9.9.4-29.el7_2.4
  • bind-chroot-30:9.3.6-25.P1.el5_11.9
  • bind-chroot-32:9.8.2-0.47.rc1.el6_8.1
  • bind-chroot-32:9.9.4-29.el7_2.4
  • bind-debuginfo-30:9.3.6-25.P1.el5_11.9
  • bind-debuginfo-32:9.8.2-0.47.rc1.el6_8.1
  • bind-debuginfo-32:9.9.4-29.el7_2.4
  • bind-devel-30:9.3.6-25.P1.el5_11.9
  • bind-devel-32:9.8.2-0.47.rc1.el6_8.1
  • bind-devel-32:9.9.4-29.el7_2.4
  • bind-libbind-devel-30:9.3.6-25.P1.el5_11.9
  • bind-libs-30:9.3.6-25.P1.el5_11.9
  • bind-libs-32:9.8.2-0.47.rc1.el6_8.1
  • bind-libs-32:9.9.4-29.el7_2.4
  • bind-libs-lite-32:9.9.4-29.el7_2.4
  • bind-license-32:9.9.4-29.el7_2.4
  • bind-lite-devel-32:9.9.4-29.el7_2.4
  • bind-pkcs11-32:9.9.4-29.el7_2.4
  • bind-pkcs11-devel-32:9.9.4-29.el7_2.4
  • bind-pkcs11-libs-32:9.9.4-29.el7_2.4
  • bind-pkcs11-utils-32:9.9.4-29.el7_2.4
  • bind-sdb-30:9.3.6-25.P1.el5_11.9
  • bind-sdb-32:9.8.2-0.47.rc1.el6_8.1
  • bind-sdb-32:9.9.4-29.el7_2.4
  • bind-sdb-chroot-32:9.9.4-29.el7_2.4
  • bind-utils-30:9.3.6-25.P1.el5_11.9
  • bind-utils-32:9.8.2-0.47.rc1.el6_8.1
  • bind-utils-32:9.9.4-29.el7_2.4
  • caching-nameserver-30:9.3.6-25.P1.el5_11.9
  • bind97-32:9.7.0-21.P2.el5_11.7
  • bind97-chroot-32:9.7.0-21.P2.el5_11.7
  • bind97-debuginfo-32:9.7.0-21.P2.el5_11.7
  • bind97-devel-32:9.7.0-21.P2.el5_11.7
  • bind97-libs-32:9.7.0-21.P2.el5_11.7
  • bind97-utils-32:9.7.0-21.P2.el5_11.7
  • bind-32:9.7.3-8.P3.el6_2.5
  • bind-32:9.8.2-0.17.rc1.el6_4.9
  • bind-32:9.8.2-0.23.rc1.el6_5.4
  • bind-32:9.8.2-0.30.rc1.el6_6.6
  • bind-32:9.8.2-0.37.rc1.el6_7.8
  • bind-chroot-32:9.7.3-8.P3.el6_2.5
  • bind-chroot-32:9.8.2-0.17.rc1.el6_4.9
  • bind-chroot-32:9.8.2-0.23.rc1.el6_5.4
  • bind-chroot-32:9.8.2-0.30.rc1.el6_6.6
  • bind-chroot-32:9.8.2-0.37.rc1.el6_7.8
  • bind-debuginfo-32:9.7.3-8.P3.el6_2.5
  • bind-debuginfo-32:9.8.2-0.17.rc1.el6_4.9
  • bind-debuginfo-32:9.8.2-0.23.rc1.el6_5.4
  • bind-debuginfo-32:9.8.2-0.30.rc1.el6_6.6
  • bind-debuginfo-32:9.8.2-0.37.rc1.el6_7.8
  • bind-devel-32:9.7.3-8.P3.el6_2.5
  • bind-devel-32:9.8.2-0.17.rc1.el6_4.9
  • bind-devel-32:9.8.2-0.23.rc1.el6_5.4
  • bind-devel-32:9.8.2-0.30.rc1.el6_6.6
  • bind-devel-32:9.8.2-0.37.rc1.el6_7.8
  • bind-libs-32:9.7.3-8.P3.el6_2.5
  • bind-libs-32:9.8.2-0.17.rc1.el6_4.9
  • bind-libs-32:9.8.2-0.23.rc1.el6_5.4
  • bind-libs-32:9.8.2-0.30.rc1.el6_6.6
  • bind-libs-32:9.8.2-0.37.rc1.el6_7.8
  • bind-sdb-32:9.7.3-8.P3.el6_2.5
  • bind-sdb-32:9.8.2-0.17.rc1.el6_4.9
  • bind-sdb-32:9.8.2-0.23.rc1.el6_5.4
  • bind-sdb-32:9.8.2-0.30.rc1.el6_6.6
  • bind-sdb-32:9.8.2-0.37.rc1.el6_7.8
  • bind-utils-32:9.7.3-8.P3.el6_2.5
  • bind-utils-32:9.8.2-0.17.rc1.el6_4.9
  • bind-utils-32:9.8.2-0.23.rc1.el6_5.4
  • bind-utils-32:9.8.2-0.30.rc1.el6_6.6
  • bind-utils-32:9.8.2-0.37.rc1.el6_7.8

References