CVE-2016-9147

Name
CVE-2016-9147
Description
named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org http://rhn.redhat.com/errata/RHSA-2017-0062.html
cve@mitre.org http://rhn.redhat.com/errata/RHSA-2017-0063.html
cve@mitre.org http://rhn.redhat.com/errata/RHSA-2017-0064.html
cve@mitre.org http://www.debian.org/security/2017/dsa-3758
cve@mitre.org http://www.securityfocus.com/bid/95390
cve@mitre.org http://www.securitytracker.com/id/1037582
cve@mitre.org https://access.redhat.com/errata/RHSA-2017:1582
cve@mitre.org https://access.redhat.com/errata/RHSA-2017:1583
Patch https://kb.isc.org/article/AA-01440/74/CVE-2016-9147
cve@mitre.org https://security.gentoo.org/glsa/201708-01
cve@mitre.org https://security.netapp.com/advisory/ntap-20180926-0005/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:* bind == None == 9.9.9
cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:* bind == None == 9.10.4
cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:* bind == None == 9.11.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
bind edge-main 9.10.4_p5-r0 None fixed
bind 3.22-main 9.10.4_p5-r0 None fixed
bind 3.21-main 9.10.4_p5-r0 None fixed
bind 3.20-main 9.10.4_p5-r0 None fixed
bind 3.19-main 9.10.4_p5-r0 None fixed
bind 3.18-main 9.10.4_p5-r0 None fixed
bind 3.17-main 9.10.4_p5-r0 None fixed
bind 3.12-main 9.10.4_p5-r0 None fixed
bind 3.11-main 9.10.4_p5-r0 None fixed
bind 3.10-main 9.10.4_p5-r0 None fixed