DNS: ISC BIND buffer.c Assertion Failure Denial of Service
A denial-of-service vulnerability has been reported in ISC BIND. Successful exploitation could lead to denial-of-service condition.
Extended Description
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Affected Products
Isc bind
References
CVE: CVE-2016-2776
URL: https://kb.isc.org/article/aa-01419 http://securitytracker.com/id?1036903
Short Name
DNS:ISC-ASSERTION-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
DNS
Keywords
Assertion BIND CVE-2016-2776 Denial Failure ISC Service buffer.c of
Release Date
10/06/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Isc
Oracle
Hp
CVSS Score
7.8