Denial of service in ISC BIND - CVE-2016-2775
Published: July 19, 2016 / Updated: August 29, 2017
Vulnerability identifier: #VU164
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2016-2775
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: ISC
Affected software:
ISC BIND
ISC BIND
Detailed vulnerability description
The vulnerability allows a remote attacker to cause the target service to crash.
The vulnerability exists due to boundary error in BIND. A remote unauthenticated attacker can cause the target BIND server to crash by sending a specially crafted request with a query name and a search list entry that exceeds the maximum allowable length.
Systems using the lightweight resolution protocol via either the 'lwresd' utility or via named using the "lwres" statement in 'named.conf' are affected.
Successful exploitation of this vulnerability may result in denial of service.
The vulnerability exists due to boundary error in BIND. A remote unauthenticated attacker can cause the target BIND server to crash by sending a specially crafted request with a query name and a search list entry that exceeds the maximum allowable length.
Systems using the lightweight resolution protocol via either the 'lwresd' utility or via named using the "lwres" statement in 'named.conf' are affected.
Successful exploitation of this vulnerability may result in denial of service.
How to mitigate CVE-2016-2775
The vendor has issued a fix (9.9.9-P2, 9.10.4-P2).