named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Netapp
  • Steelstore Cloud Integrated Storage
  • Solidfire
  • Data Ontap Edge
Redhat
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Tus
  • Enterprise Linux Desktop
  • Enterprise Linux Workstation
  • Enterprise Linux Server
  • Enterprise Linux Eus
Isc
  • Bind
Debian
  • Debian Linux

Configuration 1 [-]

OR cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:beta2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:beta2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:beta3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:beta2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:beta3:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
References
Link Resource
http://rhn.redhat.com/errata/RHSA-2016-2141.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2142.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2615.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2871.html Third Party Advisory
http://www.debian.org/security/2016/dsa-3703 Third Party Advisory
http://www.securityfocus.com/bid/94067 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037156 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:1583 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687 Third Party Advisory
https://kb.isc.org/article/AA-01434 Vendor Advisory
https://kb.isc.org/article/AA-01435 Broken Link
https://kb.isc.org/article/AA-01436 Broken Link
https://kb.isc.org/article/AA-01437 Broken Link
https://kb.isc.org/article/AA-01438 Broken Link
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:34.bind.asc Third Party Advisory
https://security.gentoo.org/glsa/201701-26 Third Party Advisory
https://security.netapp.com/advisory/ntap-20180926-0005/ Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-11-02T17:00:00

Updated: 2018-09-27T09:57:01

Reserved: 2016-10-20T00:00:00

Link: CVE-2016-8864

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2016-11-02T17:59:00.187

Modified: 2020-08-17T17:44:23.360

Link: CVE-2016-8864

JSON object: View

cve-icon Redhat Information

No data.

CWE