named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
Published 2016-03-09 23:59:02
Updated 2023-11-30 17:08:17
Source MITRE
View at NVD,   CVE.org
Vulnerability category: Denial of service

Products affected by CVE-2016-1285