CVE-2016-2775

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-2775

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2775.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-2775

Related

Published

2016-07-19T22:59:00Z

Modified

2024-09-11T02:00:05Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.

References

Affected packages

Debian:11 / bind9

Package

Name: bind9
Purl: pkg:deb/debian/bind9?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.10.3.dfsg.P4-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / bind9

Package

Name: bind9
Purl: pkg:deb/debian/bind9?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.10.3.dfsg.P4-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / bind9

Package

Name: bind9
Purl: pkg:deb/debian/bind9?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.10.3.dfsg.P4-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/isc-projects/bind9

Affected ranges

Type: GIT
Repo: https://github.com/isc-projects/bind9
Events: Introduced

19d6c56085e97cf4ac559cdc27edd624127bcb32

Last affected

2d6d4babba5b5d2237bd37c0e4c3c993b7efd255

Last affected

99ed57a343364266f804573cd7614cdc2aefcb19

Last affected

b7843f9794be456c53d7dc0b51ead89f2c5d3351

Last affected

e8948b831a089643ca7b27947197d14244828358