Executive Summary

Information
Name : CVE-2016-2776
First vendor Publication : 2016-09-28
Vendor : Cve
Last vendor Modification : 2018-01-04

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score : 7.8
Attack Range : Network
Cvss Impact Score : 6.9
Attack Complexity : Low
Cvss Exploit Score : 10
Authentication : None Required

Detail

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776

CWE : Common Weakness Enumeration

% - id - Name
100 % - CWE-20 - Improper Input Validation

CPE : Common Platform Enumeration

Type : Application - Count : 521
Type : Os - Count : 1
Type : Os - Count : 3
Type : Os - Count : 2
Type : Os - Count : 3

Snort® IPS/IDS

Date - Description
2016-11-08 - ISC BIND isc__buffer_add assertion failure denial of service attempt
RuleID : 40344 - Revision : 2 - Type : PROTOCOL-DNS

Metasploit Database

id - Description
2016-09-27 BIND TKEY Query Denial of Service

Nessus® Vulnerability Scanner

Date - Description
2018-08-17 - Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0021.nasl - Type : ACT_GATHER_INFO
2017-08-03 - Name : The remote AIX host has a version of bind installed that is affected by multi...
File : aix_bind_advisory13.nasl - Type : ACT_GATHER_INFO
2017-04-21 - Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2017-02-27 - Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1052.nasl - Type : ACT_GATHER_INFO
2016-12-20 - Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL18829561.nasl - Type : ACT_GATHER_INFO
2016-11-18 - Name : The remote AIX host is missing a security patch.
File : aix_IV89828.nasl - Type : ACT_GATHER_INFO
2016-11-18 - Name : The remote AIX host is missing a security patch.
File : aix_IV89829.nasl - Type : ACT_GATHER_INFO
2016-11-18 - Name : The remote AIX host is missing a security patch.
File : aix_IV89830.nasl - Type : ACT_GATHER_INFO
2016-11-18 - Name : The remote AIX host is missing a security patch.
File : aix_IV89831.nasl - Type : ACT_GATHER_INFO
2016-11-18 - Name : The remote AIX host is missing a security patch.
File : aix_IV90056.nasl - Type : ACT_GATHER_INFO
2016-11-15 - Name : The remote Fedora host is missing a security update.
File : fedora_2016-f6e4e66202.nasl - Type : ACT_GATHER_INFO
2016-11-15 - Name : The remote Fedora host is missing a security update.
File : fedora_2016-76bd94ca9e.nasl - Type : ACT_GATHER_INFO
2016-10-26 - Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2099.nasl - Type : ACT_GATHER_INFO
2016-10-25 - Name : The remote Fedora host is missing a security update.
File : fedora_2016-3af8b344f1.nasl - Type : ACT_GATHER_INFO
2016-10-25 - Name : The remote Fedora host is missing a security update.
File : fedora_2016-cbef6c8619.nasl - Type : ACT_GATHER_INFO
2016-10-12 - Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201610-07.nasl - Type : ACT_GATHER_INFO
2016-10-06 - Name : The remote Debian host is missing a security update.
File : debian_DLA-645.nasl - Type : ACT_GATHER_INFO
2016-10-06 - Name : The remote Fedora host is missing a security update.
File : fedora_2016-2d9825f7c1.nasl - Type : ACT_GATHER_INFO
2016-10-06 - Name : The remote Fedora host is missing a security update.
File : fedora_2016-cca77daf70.nasl - Type : ACT_GATHER_INFO
2016-10-05 - Name : The remote name server is affected by a denial of service vulnerability.
File : bind9_9104_p3.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-751.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-1944.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-1945.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0136.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0137.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160928_bind97_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2016-09-29 - Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160928_bind_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-271-01.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-1944.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-1945.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3680.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c8d902b1855011e681e7d050996490d0.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1133.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-1944.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-1945.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2399-1.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2401-1.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2405-1.nasl - Type : ACT_GATHER_INFO
2016-09-28 - Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3088-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/93188
CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-309054...
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547....
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://kb.isc.org/article/AA-01419/0
https://kb.isc.org/article/AA-01435
https://kb.isc.org/article/AA-01436
https://kb.isc.org/article/AA-01438
https://security.netapp.com/advisory/ntap-20160930-0001/
EXPLOIT-DB https://www.exploit-db.com/exploits/40453/
FREEBSD https://security.FreeBSD.org/advisories/FreeBSD-SA-16:28.bind.asc
GENTOO https://security.gentoo.org/glsa/201610-07
REDHAT http://rhn.redhat.com/errata/RHSA-2016-1944.html
http://rhn.redhat.com/errata/RHSA-2016-1945.html
http://rhn.redhat.com/errata/RHSA-2016-2099.html
SECTRACK http://www.securitytracker.com/id/1036903

Alert History

Date - Information
2019-03-16 12:06:57
  • Multiple Updates
2019-02-12 12:02:52
  • Multiple Updates
2019-02-09 12:04:51
  • Multiple Updates
2018-12-07 12:04:32
  • Multiple Updates
2018-10-31 01:07:03
  • Multiple Updates
2018-01-05 09:23:38
  • Multiple Updates
2017-11-21 09:22:02
  • Multiple Updates
2017-11-10 09:23:02
  • Multiple Updates
2017-09-22 13:24:45
  • Multiple Updates
2017-09-03 09:24:02
  • Multiple Updates
2017-08-04 13:25:03
  • Multiple Updates
2017-07-30 12:01:58
  • Multiple Updates
2017-07-01 09:23:24
  • Multiple Updates
2017-04-22 13:25:52
  • Multiple Updates
2017-02-28 13:25:27
  • Multiple Updates
2017-01-03 09:23:20
  • Multiple Updates
2016-12-31 09:24:35
  • Multiple Updates
2016-12-21 13:22:26
  • Multiple Updates
2016-11-29 00:26:04
  • Multiple Updates
2016-11-19 13:24:34
  • Multiple Updates
2016-11-16 13:26:22
  • Multiple Updates
2016-11-03 01:00:25
  • Multiple Updates
2016-11-01 09:25:24
  • Multiple Updates
2016-10-27 13:26:38
  • Multiple Updates
2016-10-27 09:23:58
  • Multiple Updates
2016-10-26 13:21:13
  • Multiple Updates
2016-10-22 12:03:50
  • Multiple Updates
2016-10-13 13:25:06
  • Multiple Updates
2016-10-07 13:23:41
  • Multiple Updates
2016-10-06 13:23:45
  • Multiple Updates
2016-09-30 13:23:31
  • Multiple Updates
2016-09-29 13:25:19
  • Multiple Updates
2016-09-28 21:24:31
  • Multiple Updates
2016-09-28 17:23:48
  • First insertion