CVE-2016-6170

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-6170
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6170.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-6170
Related
Published
2016-07-06T14:59:05Z
Modified
2024-09-03T00:10:39Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

References

Affected packages

Debian:11 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.6+dfsg-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Debian:12 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.6+dfsg-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Debian:13 / bind9

Package

Name
bind9
Purl
pkg:deb/debian/bind9?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:9.10.6+dfsg-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Git / github.com/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://github.com/isc-projects/bind9
Events
Introduced
19d6c56085e97cf4ac559cdc27edd624127bcb32
Last affected
2d6d4babba5b5d2237bd37c0e4c3c993b7efd255
Last affected
99ed57a343364266f804573cd7614cdc2aefcb19
Last affected
b7843f9794be456c53d7dc0b51ead89f2c5d3351