Vulnerability Details CVE-2016-2848
ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.513
EPSS Ranking 97.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://rhn.redhat.com/errata/RHSA-2016-2093.html
- http://rhn.redhat.com/errata/RHSA-2016-2094.html
- http://rhn.redhat.com/errata/RHSA-2016-2099.html
- http://www.securityfocus.com/bid/93809
- http://www.securityfocus.com/bid/93814
- http://www.securitytracker.com/id/1037073
- https://bugzilla.redhat.com/show_bug.cgi?id=1385450
- https://kb.isc.org/article/AA-01433/74/CVE-2016-2848
- https://security.netapp.com/advisory/ntap-20180926-0002/
- https://security.netapp.com/advisory/ntap-20180926-0005/
- https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git%3Ba=commit%3Bh=4adf97c32fcca7d00e5756607fd045f2aab9c3d4
- http://rhn.redhat.com/errata/RHSA-2016-2093.html
- http://rhn.redhat.com/errata/RHSA-2016-2094.html
- http://rhn.redhat.com/errata/RHSA-2016-2099.html
- http://www.securityfocus.com/bid/93809
- http://www.securityfocus.com/bid/93814
- http://www.securitytracker.com/id/1037073
- https://bugzilla.redhat.com/show_bug.cgi?id=1385450
- https://kb.isc.org/article/AA-01433/74/CVE-2016-2848
- https://security.netapp.com/advisory/ntap-20180926-0002/
- https://security.netapp.com/advisory/ntap-20180926-0005/
- https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git%3Ba=commit%3Bh=4adf97c32fcca7d00e5756607fd045f2aab9c3d4
Products affected by CVE-2016-2848
-
cpe:2.3:a:isc:bind:9.1
-
cpe:2.3:a:isc:bind:9.1.0
-
cpe:2.3:a:isc:bind:9.1.1
-
cpe:2.3:a:isc:bind:9.1.2
-
cpe:2.3:a:isc:bind:9.1.3
-
cpe:2.3:a:isc:bind:9.2
-
cpe:2.3:a:isc:bind:9.2.0
-
cpe:2.3:a:isc:bind:9.2.1
-
cpe:2.3:a:isc:bind:9.2.2
-
cpe:2.3:a:isc:bind:9.2.3
-
cpe:2.3:a:isc:bind:9.2.4
-
cpe:2.3:a:isc:bind:9.2.5
-
cpe:2.3:a:isc:bind:9.2.6
-
cpe:2.3:a:isc:bind:9.2.7
-
cpe:2.3:a:isc:bind:9.2.8
-
cpe:2.3:a:isc:bind:9.2.9
-
cpe:2.3:a:isc:bind:9.3
-
cpe:2.3:a:isc:bind:9.3.0
-
cpe:2.3:a:isc:bind:9.3.1
-
cpe:2.3:a:isc:bind:9.3.2
-
cpe:2.3:a:isc:bind:9.3.3
-
cpe:2.3:a:isc:bind:9.3.4
-
cpe:2.3:a:isc:bind:9.3.5
-
cpe:2.3:a:isc:bind:9.3.6
-
cpe:2.3:a:isc:bind:9.4
-
cpe:2.3:a:isc:bind:9.4.0
-
cpe:2.3:a:isc:bind:9.4.1
-
cpe:2.3:a:isc:bind:9.4.2
-
cpe:2.3:a:isc:bind:9.4.3
-
cpe:2.3:a:isc:bind:9.5
-
cpe:2.3:a:isc:bind:9.5.0
-
cpe:2.3:a:isc:bind:9.5.1
-
cpe:2.3:a:isc:bind:9.5.2
-
cpe:2.3:a:isc:bind:9.5.3
-
cpe:2.3:a:isc:bind:9.6
-
cpe:2.3:a:isc:bind:9.6.0
-
cpe:2.3:a:isc:bind:9.6.1
-
cpe:2.3:a:isc:bind:9.6.2
-
cpe:2.3:a:isc:bind:9.6.3
-
cpe:2.3:a:isc:bind:9.7.0
-
cpe:2.3:a:isc:bind:9.7.1
-
cpe:2.3:a:isc:bind:9.7.2
-
cpe:2.3:a:isc:bind:9.7.3
-
cpe:2.3:a:isc:bind:9.7.4
-
cpe:2.3:a:isc:bind:9.7.5
-
cpe:2.3:a:isc:bind:9.7.6
-
cpe:2.3:a:isc:bind:9.7.7
-
cpe:2.3:a:isc:bind:9.8.0
-
cpe:2.3:a:isc:bind:9.8.1
-
cpe:2.3:a:isc:bind:9.8.2
-
cpe:2.3:a:isc:bind:9.8.3
-
cpe:2.3:a:isc:bind:9.8.4
-
cpe:2.3:a:isc:bind:9.9.0
-
cpe:2.3:a:isc:bind:9.9.1
-
cpe:2.3:a:isc:bind:9.9.2