Vulnerability Details : CVE-2016-9778
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.
Products affected by CVE-2016-9778
- cpe:2.3:a:isc:bind:9.9.8:s1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.8:s3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.8:s2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:s1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:solidfire_element_os_management_node:-:*:*:*:*:*:*:*
Threat overview for CVE-2016-9778
- Top open port discovered on systems with this issue: 53
- IPs affected by CVE-2016-9778: 227
- Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2016-9778
- 3.52%: Probability of exploitation activity in the next 30 days
- ~91%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-9778
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
5.9 | MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 | NIST | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | Internet Systems Consortium (ISC) | |
CWE ids for CVE-2016-9778
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-9778
- http://www.securitytracker.com/id/1037582
  BIND Multiple Flaws Let Remote Users Cause the Target named Service to Stop Processing - SecurityTracker (Third Party Advisory; VDB Entry)
- https://kb.isc.org/article/AA-01442/
  CVE-2016-9778: An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c - Security Advisories (Vendor Advisory)
- https://security.gentoo.org/glsa/201708-01
  BIND: Multiple vulnerabilities (GLSA 201708-01) — Gentoo security (Third Party Advisory)
- http://www.securityfocus.com/bid/95388
  ISC BIND CVE-2016-9778 Remote Denial of Service Vulnerability (Third Party Advisory; VDB Entry)
- https://security.netapp.com/advisory/ntap-20180926-0005/
  February 2018 ISC BIND Vulnerabilities in NetApp Products | NetApp Product Security (Third Party Advisory)