Denial of Service in bind (Alpine package)

1) Denial of Service

EUVDB-ID: #VU703

Risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2016-2776

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allow a remote unauthenticated user to cause denial of service (DoS) on the target system.
The weakness exists due to improper construction of queries responses, which meet certain criteria. By sending specially crafted query to the target service the attacker can trigger an assertion failure in buffer.c that leads to crash and denial of the service.
Successful exploitation of the vulnerability results in DoS condeitions on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

bind (Alpine package): 9.6.1-r0 - 9.10.4_p2-r0

CPE2.3

• cpe:2.3:o:alpine:bind_alpine_package:9.6.1-r0:*:*:*:*:alpine_linux:*:1.10
• cpe:2.3:o:alpine:bind_alpine_package:9.7.1-r0:*:*:*:*:alpine_linux:*:2.0
• cpe:2.3:o:alpine:bind_alpine_package:9.7.3-r0:*:*:*:*:alpine_linux:*:2.1

External links

https://git.alpinelinux.org/aports/commit/?id=ed53a1ae749810a4b9e824c133217ef97d65cdff
https://git.alpinelinux.org/aports/commit/?id=5948fa0b9c5374b9cf9d7be6e5b652c9f79aeefd
https://git.alpinelinux.org/aports/commit/?id=19c47827cc4fe347604ca5553ada4bafc341ebb2
https://git.alpinelinux.org/aports/commit/?id=15e6fbb4db3b1b218d6d4d006166b5253a1e5b0a
https://git.alpinelinux.org/aports/commit/?id=201cf7c3ba5f236e01c5a693526928ebc67ce3b4

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.