Vulnerability Details : CVE-2016-2775
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2016-2775
- cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:s1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:s1rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:-:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:beta1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:beta2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:beta3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:-:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:beta1:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
Threat overview for CVE-2016-2775
Top countries where our scanners detected CVE-2016-2775
Top open port discovered on systems with this issue
53
IPs affected by CVE-2016-2775 304,429
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-2775!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-2775
89.97%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-2775
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2016-2775
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2775
-
https://security.gentoo.org/glsa/201610-07
BIND: Multiple vulnerabilities (GLSA 201610-07) — Gentoo securityThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:2533
RHSA-2017:2533 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd - Security AdvisoriesPatch;Vendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZUCSMEOZIZ2R2SKA4FPLTOVZHJBAOWC/
[SECURITY] Fedora 23 Update: bind99-9.9.9-1.P2.fc23 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TT754KDUJTKOASJODJX7FKHCOQ6EC7UX/
[SECURITY] Fedora 23 Update: bind-9.10.4-1.P2.fc23 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://kb.isc.org/article/AA-01436
404 Page not foundBroken Link
-
https://kb.isc.org/article/AA-01438
404 Page not foundBroken Link
-
https://security.netapp.com/advisory/ntap-20160722-0002/
CVE-2016-2775 ISC BIND Vulnerability in Multiple NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://access.redhat.com/errata/RHBA-2017:1767
RHBA-2017:1767 - Bug Fix Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHBA-2017:0651
RHBA-2017:0651 - Bug Fix Advisory - Red Hat Customer PortalThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7T2WJP5ELO4ZRSBXSETIZ3GAO6KOEFTA/
[SECURITY] Fedora 24 Update: bind-9.10.4-1.P2.fc24 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/92037
ISC BIND CVE-2016-2775 Remote Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://kb.isc.org/article/AA-01435
404 Page not foundBroken Link
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJ5STNEUHBNEPUHJT7CYEVSMATFYMIX7/
[SECURITY] Fedora 24 Update: bind99-9.9.9-1.P2.fc24 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05321107
HPSBUX03664 SSRT110248 rev.1 HP-UX BIND Service running named, Remote Denial of Service (DoS)Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1036360
BIND Lightweight Resolution Bug in Processing Long Queries Lets Remote Users Cause the Target Service to Crash - SecurityTrackerThird Party Advisory;VDB Entry
Jump to