CVE-2016-2776

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-2776
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2776.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-2776
Related
Published
2016-09-28T10:59:00Z
Modified
2024-09-18T02:24:17.443501Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

References

Affected packages

Alpine:v3.2 / bind

Package

Name
bind
Purl
pkg:apk/alpine/bind?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.10.4_p3

Affected versions

9.*

9.6.0_p1-r0
9.6.0_p1-r1
9.6.1_p1-r0
9.6.1_p1-r1
9.6.1_p2-r1
9.6.1_p3-r1
9.7.0_p1-r1
9.7.0_p1-r2
9.7.1-r0
9.7.1_p2-r0
9.7.2-r0
9.7.2_p1-r0
9.7.2_p2-r0
9.7.2_p3-r0
9.7.3-r0
9.8.0-r0
9.8.0_p1-r0
9.8.0_p2-r0
9.8.0_p2-r1
9.8.0_p4-r0
9.8.1-r0
9.8.1_p1-r0
9.9.0-r0
9.9.0-r1
9.9.1-r0
9.9.1_p1-r0
9.9.1_p2-r0
9.9.1_p3-r0
9.9.2-r0
9.9.2_p1-r0
9.9.2_p2-r0
9.9.3-r0
9.9.3_p1-r0
9.9.3_p2-r0
9.9.3_p2-r1
9.9.3_p2-r2
9.9.4-r0
9.9.4_p1-r0
9.9.4_p1-r1
9.9.4_p2-r0
9.9.5-r0
9.10.0-r0
9.10.0_p1-r0
9.10.0_p2-r0
9.10.0_p2-r1
9.10.1-r0
9.10.1-r1
9.10.1-r2
9.10.1_p1-r0
9.10.1_p2-r0
9.10.1_p2-r1
9.10.1_p2-r2
9.10.2-r0
9.10.2-r1
9.10.2_p3-r0
9.10.2_p3-r1
9.10.2_p4-r0
9.10.3_p2-r0
9.10.3_p3-r0
9.10.3_p4-r0
9.10.4_p2-r0

Alpine:v3.3 / bind

Package

Name
bind
Purl
pkg:apk/alpine/bind?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.10.4_p3-r0

Affected versions

9.*

9.6.0_p1-r0
9.6.0_p1-r1
9.6.1_p1-r0
9.6.1_p1-r1
9.6.1_p2-r1
9.6.1_p3-r1
9.7.0_p1-r1
9.7.0_p1-r2
9.7.1-r0
9.7.1_p2-r0
9.7.2-r0
9.7.2_p1-r0
9.7.2_p2-r0
9.7.2_p3-r0
9.7.3-r0
9.8.0-r0
9.8.0_p1-r0
9.8.0_p2-r0
9.8.0_p2-r1
9.8.0_p4-r0
9.8.1-r0
9.8.1_p1-r0
9.9.0-r0
9.9.0-r1
9.9.1-r0
9.9.1_p1-r0
9.9.1_p2-r0
9.9.1_p3-r0
9.9.2-r0
9.9.2_p1-r0
9.9.2_p2-r0
9.9.3-r0
9.9.3_p1-r0
9.9.3_p2-r0
9.9.3_p2-r1
9.9.3_p2-r2
9.9.4-r0
9.9.4_p1-r0
9.9.4_p1-r1
9.9.4_p2-r0
9.9.5-r0
9.10.0-r0
9.10.0_p1-r0
9.10.0_p2-r0
9.10.0_p2-r1
9.10.1-r0
9.10.1-r1
9.10.1-r2
9.10.1_p1-r0
9.10.1_p2-r0
9.10.1_p2-r1
9.10.1_p2-r2
9.10.2-r0
9.10.2-r1
9.10.2_p1-r0
9.10.2_p1-r1
9.10.2_p2-r0
9.10.2_p3-r0
9.10.2_p3-r1
9.10.2_p4-r0
9.10.3-r0
9.10.3-r1
9.10.3_p2-r0
9.10.3_p3-r0
9.10.3_p4-r0
9.10.4_p2-r0

Debian:11 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.3.dfsg.P4-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://github.com/isc-projects/bind9
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v9.*

v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
v9.9.0
v9.9.0rc3
v9.9.0rc4
v9.9.1
v9.9.2b1
v9.9.2rc1
v9.9.3
v9.9.3b1
v9.9.3b2
v9.9.3rc1
v9.9.3rc2
v9.9.4
v9.9.4b1
v9.9.4rc1
v9.9.4rc2
v9.9.5
v9.9.5b1
v9.9.5rc1
v9.9.5rc2
v9.9.6
v9.9.6b1
v9.9.6b2
v9.9.6rc1
v9.9.6rc2
v9.9.7
v9.9.7b1
v9.9.7rc1
v9.9.7rc2
v9.9.8
v9.9.8b1
v9.9.8rc1
v9.9.9
v9.9.9b1
v9.9.9b2
v9.9.9rc1