Home

CVE-2016-2775

Description

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.

Risk Information

Base Score
5.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
31.56

Associated Vulnerability

VulnerabilityOS Platform
Update bind 9.9.9 to latest versionWindows
bind9 security update(DSA-3680-1) bind9_9.9.5.dfsg-9+deb8u7_kfreebsd-i386.debLinux
bind9 security update(DSA-3680-1) bind9_9.9.5.dfsg-9+deb8u7_kfreebsd-amd64.debLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Server 12-SP1 ) bind-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Server 12-SP1 ) bind-chrootenv-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-debuginfo-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-debugsource-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Server 12-SP1 ) bind-doc-9.9.9P1-59.1.noarch.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-libs-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-libs-32bit-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-libs-debuginfo-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-libs-debuginfo-32bit-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-utils-9.9.9P1-59.1.x86_64.rpmLinux
SUSE-SU-2017:0998-1(SUSE Linux Enterprise Desktop 12-SP1 ) bind-utils-debuginfo-9.9.9P1-59.1.x86_64.rpmLinux
Vulnerabilities CVE-2014-7877 ,CVE-2014-7879 ,CVE-2016-2775 are affected in hp-ux b.11.31NCM
Improper Input Validation Vulnerability (CVE-2016-2775)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234