CVE-2016-2775
lwresd crash with long query name
Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232.
CVE-2016-2776
assertion failure due to unspecified crafted query
Fix based on 43139-9-9.patch from ISC.

For Debian 7 Wheezy, these problems have been fixed in version
1:9.8.4.dfsg.P1-6+nmu2+deb7u11.

We recommend that you upgrade your bind9 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS>

CPENameOperatorVersion
bind9eq1:9.8.4.dfsg.P1-6+nmu2
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u1
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u10
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u1~bpo60+1
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u2
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u2~bpo60+1
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u3
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u4
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u5
bind9eq1:9.8.4.dfsg.P1-6+nmu2+deb7u6

Name	Operator	Version
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u1
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u10
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u1~bpo60+1
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u2
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u2~bpo60+1
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u3
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u4
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u5
bind9	eq	1:9.8.4.dfsg.P1-6+nmu2+deb7u6

Rows per page:

1-10 of 131

References

www.debian.org/lts/security/2016/dla-645

nessus 59

debian 2

threatpost 1

openvas 43

osv 3

aix 1

mageia 1

ibm 3

fedora 11

archlinux 2

prion 2

f5 4

nvd 2

metasploit 1

debiancve 2

ubuntucve 2

cve 2

redhat 4

cvelist 2

veracode 3

amazon 2

slackware 2

redhatcve 2

checkpoint_advisories 2

freebsd 2

exploitpack 1

suse 7

centos 2

altlinux 5

zdt 1

freebsd_advisory 1

ubuntu 2

cloudfoundry 1

alpinelinux 1

packetstorm 1

exploitdb 1

gentoo 1

oraclelinux 5

photon 1

nessus

AIX 6.1 TL 9 : bind (IV89828) (deprecated)

2016-11-18 00:00:00

AIX 7.1 TL 4 : bind (IV89829) (deprecated)

2016-11-18 00:00:00

AIX 7.1 TL 3 : bind (IV89830) (deprecated)

2016-11-18 00:00:00

debian

[SECURITY] [DSA 3680-1] bind9 security update

2016-09-27 18:52:22

[SECURITY] [DLA 645-1] bind9 security update

2016-10-05 17:44:33

threatpost

ISC Patches Critical Error Condition in BIND

2016-09-28 16:29:53

openvas

Debian Security Advisory DSA 3680-1 (bind9 - security update)

2016-10-05 00:00:00

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2016-1052)

2020-01-23 00:00:00

Mageia: Security Advisory (MGASA-2016-0332)

2022-01-28 00:00:00

osv

bind9 - security update

2016-09-27 00:00:00

CVE-2016-2776

2016-09-28 10:59:00

bind9 vulnerabilities

2022-11-29 12:09:33

aix

Vulnerabilities in BIND impact AIX,Vulnerabilities in BIND impact VIOS

2016-11-18 08:19:36

mageia

Updated bind packages fix security vulnerability

2016-10-04 15:20:54

ibm

Security Bulletin: IBM i is affected by networking BIND vulnerabilities (CVE-2016-2775, CVE-2016-2776, CVE-2016-8864 and CVE-2016-6170)

2019-12-18 14:26:38

Security Bulletin: Multiple vulnerabilities in BIND affects IBM Netezza Host Management

2019-10-18 03:10:29

Security Bulletin: Vulnerabilities in bind affect PowerKVM (CVE-2016-2776, CVE-2016-8864)

2018-06-18 01:33:47

fedora

[SECURITY] Fedora 23 Update: bind-9.10.4-1.P2.fc23

2016-08-18 00:54:45

[SECURITY] Fedora 24 Update: bind99-9.9.9-1.P2.fc24

2016-07-30 18:26:19

[SECURITY] Fedora 23 Update: bind-9.10.4-2.P3.fc23

2016-10-24 23:52:28

archlinux

[ASA-201609-29] bind: denial of service

2016-09-27 00:00:00

bind: denial of service

2016-07-20 00:00:00

prion

Design/Logic Flaw

2016-09-28 10:59:00

Design/Logic Flaw

2016-07-19 22:59:00

K18829561 : BIND vulnerability CVE-2016-2776

2016-09-27 00:00:00

SOL92991044 - lwresd and bind vulnerability CVE-2016-2775

2016-07-28 00:00:00

K92991044 : lwresd and bind vulnerability CVE-2016-2775

2016-07-28 00:00:00

nvd

CVE-2016-2776

2016-09-28 10:59:00

CVE-2016-2775

2016-07-19 22:59:00

metasploit

BIND TSIG Query Denial of Service

2017-08-26 15:41:10

debiancve

CVE-2016-2776

2016-09-28 10:59:00

CVE-2016-2775

2016-07-19 22:59:00

ubuntucve

CVE-2016-2776

2016-09-27 00:00:00

CVE-2016-2775

2016-07-19 00:00:00

cve

CVE-2016-2775

2016-07-19 22:59:00

CVE-2016-2776

2016-09-28 10:59:00

redhat

(RHSA-2017:2533) Moderate: bind security update

2017-08-24 04:19:14

(RHSA-2016:1944) Important: bind security update

2016-09-28 00:00:00

(RHSA-2016:1945) Important: bind97 security update

2016-09-28 00:00:00

cvelist

CVE-2016-2775

2016-07-19 22:00:00

CVE-2016-2776

2016-09-28 10:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:15:05

Denial Of Service (DoS)

2018-11-01 08:51:00

Denial Of Service (DoS)

2019-01-15 09:13:15

amazon

Medium: bind

2016-09-15 19:00:00

Important: bind

2016-09-28 15:45:00

slackware

[slackware-security] bind

2016-07-22 20:53:45

[slackware-security] bind

2016-09-27 19:49:07

redhatcve

CVE-2016-2775

2016-07-19 08:48:43

CVE-2016-2776

2020-04-09 09:15:08

checkpoint_advisories

ISC BIND lwresd Query Name Denial of Service (CVE-2016-2775)

2016-09-15 00:00:00

DNS Server Bind 9 Response Message Rendering Denial of Service (CVE-2016-2776)

2016-10-05 00:00:00

freebsd

bind -- denial of service vulnerability

2016-07-18 00:00:00

BIND -- Remote Denial of Service vulnerability

2016-09-27 00:00:00

exploitpack

ISC BIND 9 - Denial of Service

2016-10-04 00:00:00

suse

Security update for bind (critical)

2016-09-28 11:09:52

Security update for bind (critical)

2016-09-27 21:10:55

Security update for bind (critical)

2016-09-27 22:09:45

centos

bind97 security update

2016-09-28 14:01:06

bind, caching security update

2016-09-28 14:00:32

altlinux

Security fix for the ALT Linux 9 package bind version 9.9.8-alt4

2016-09-27 00:00:00

Security fix for the ALT Linux 6 package bind version 9.3.6-alt7.M60P.2

2016-10-04 00:00:00

Security fix for the ALT Linux 8 package bind version 9.9.8-alt4

2016-09-27 00:00:00

zdt

Bind 9 DNS Server - Denial of Service Exploit

2016-10-04 00:00:00

freebsd_advisory

FreeBSD-SA-16:28.bind

2016-10-10 00:00:00

ubuntu

Bind vulnerability

2016-09-27 00:00:00

Bind vulnerabilities

2022-11-29 00:00:00

cloudfoundry

USN-3088-1: Bind vulnerability | Cloud Foundry

2016-12-13 00:00:00

alpinelinux

CVE-2016-2776

2016-09-28 10:59:00

packetstorm

BIND 9 DNS Server Denial Of Service

2016-10-04 00:00:00

exploitdb

ISC BIND 9 - Denial of Service

2016-10-04 00:00:00

gentoo

BIND: Multiple vulnerabilities

2016-10-11 00:00:00

oraclelinux

bind security update

2016-11-09 00:00:00

bind security update

2016-09-28 00:00:00

bind97 security update

2016-09-28 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0021

2017-06-22 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.972 High

EPSS

Percentile

99.8%

JSON

Related for OSV:DLA-645-1