Executive Summary

Informations
NameCVE-2016-2848First vendor Publication2016-10-21
VendorCveLast vendor Modification2018-09-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2848

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application264

Snort® IPS/IDS

DateDescription
2016-11-30ISC BIND 9 DNS query overly long name denial of service attempt
RuleID : 40579 - Revision : 2 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

DateDescription
2017-08-03Name : The remote AIX host has a version of bind installed that is affected by multi...
File : aix_bind_advisory14.nasl - Type : ACT_GATHER_INFO
2017-04-21Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2016-12-28Name : The remote AIX host is missing a security patch.
File : aix_IV91253.nasl - Type : ACT_GATHER_INFO
2016-12-28Name : The remote AIX host is missing a security patch.
File : aix_IV91256.nasl - Type : ACT_GATHER_INFO
2016-12-28Name : The remote AIX host is missing a security patch.
File : aix_IV91257.nasl - Type : ACT_GATHER_INFO
2016-12-16Name : The remote AIX host is missing a security patch.
File : aix_IV91214.nasl - Type : ACT_GATHER_INFO
2016-12-16Name : The remote AIX host is missing a security patch.
File : aix_IV91254.nasl - Type : ACT_GATHER_INFO
2016-12-16Name : The remote AIX host is missing a security patch.
File : aix_IV91255.nasl - Type : ACT_GATHER_INFO
2016-11-08Name : The remote name server is affected by a denial of service vulnerability.
File : bind9_CVE-2016-2848.nasl - Type : ACT_GATHER_INFO
2016-10-28Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL01471335.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2099.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2093.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2094.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2093.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2094.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0145.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0146.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-758.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Debian host is missing a security update.
File : debian_DLA-672.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2093.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2094.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161020_bind97_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161020_bind_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3108-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/93809
http://www.securityfocus.com/bid/93814
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1385450
https://kb.isc.org/article/AA-01433/74/CVE-2016-2848
https://security.netapp.com/advisory/ntap-20180926-0002/
https://security.netapp.com/advisory/ntap-20180926-0005/
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=4adf97c32fcc...
REDHAT http://rhn.redhat.com/errata/RHSA-2016-2093.html
http://rhn.redhat.com/errata/RHSA-2016-2094.html
http://rhn.redhat.com/errata/RHSA-2016-2099.html
SECTRACK http://www.securitytracker.com/id/1037073

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
DateInformations
2018-09-27 17:19:27
  • Multiple Updates
2018-01-05 09:23:38
  • Multiple Updates
2017-08-04 13:25:03
  • Multiple Updates
2017-07-29 12:05:02
  • Multiple Updates
2017-04-22 13:25:52
  • Multiple Updates
2016-12-29 13:20:14
  • Multiple Updates
2016-12-17 13:23:50
  • Multiple Updates
2016-11-29 00:26:05
  • Multiple Updates
2016-11-09 13:25:43
  • Multiple Updates
2016-10-29 13:26:07
  • Multiple Updates
2016-10-27 13:26:38
  • Multiple Updates
2016-10-25 13:25:28
  • Multiple Updates
2016-10-22 13:25:18
  • Multiple Updates
2016-10-21 21:25:21
  • Multiple Updates
2016-10-21 17:23:49
  • First insertion