#VU32321 Input validation error in ISC BIND


Published: 2016-03-10 | Updated: 2020-07-28

Vulnerability identifier: #VU32321

Vulnerability risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-1285

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ISC BIND
Server applications / DNS servers

Vendor: ISC

Description

The vulnerability allows a remote non-authenticated attacker to a crash the entire system.

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

Mitigation
Install update from vendor's website.

Vulnerable software versions

ISC BIND: 4.9.2 - 9.9.8-P3

External links
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html
http://marc.info/?l=bugtraq&m=146191105921542&w=2
http://rhn.redhat.com/errata/RHSA-2016-0562.html
http://rhn.redhat.com/errata/RHSA-2016-0601.html
http://www.debian.org/security/2016/dsa-3511
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securitytracker.com/id/1035236
http://www.ubuntu.com/usn/USN-2925-1
http://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821
http://kb.isc.org/article/AA-01352
http://kb.isc.org/article/AA-01380
http://kb.isc.org/article/AA-01438
http://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc
http://security.gentoo.org/glsa/201610-07

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell EMC Unisphere Central
OpenSUSE Linux update for bind
SUSE Linux update for bind
SUSE Linux update for bind
SUSE Linux update for bind
Amazon Linux AMI update for bind
Input validation error in bind (Alpine package)
Slackware Linux update for bind
Input validation error in ISC BIND