#VU164 Denial of service in ISC BIND


Published: 2016-07-19 | Updated: 2017-08-29

Vulnerability identifier: #VU164

Vulnerability risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-2775

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ISC BIND
Server applications / DNS servers

Vendor: ISC

Description
The vulnerability allows a remote attacker to cause the target service to crash.

The vulnerability exists due to boundary error in BIND. A remote unauthenticated attacker can cause the target BIND server to crash by sending a specially crafted request with a query name and a search list entry that exceeds the maximum allowable length.

Systems using the lightweight resolution protocol via either the 'lwresd' utility or via named using the "lwres" statement in 'named.conf' are affected.

Successful exploitation of this vulnerability may result in denial of service.

Mitigation
The vendor has issued a fix (9.9.9-P2, 9.10.4-P2).

Vulnerable software versions

ISC BIND: 9.10.0 - 9.11.0b1

:

External links
http://kb.isc.org/article/AA-01393/74/CVE-2016-2775

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for bind9
Multiple vulnerabilities in Dell EMC Unisphere Central
Red Hat update for ISC BIND
OpenSUSE Linux update for bind
SUSE Linux update for bind
SUSE Linux update for bind
Amazon Linux AMI update for bind
Denial of service in bind (Alpine package)
Slackware Linux update for bind
Arch Linux update for bind