Vulnerability identifier: #VU164
Vulnerability risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
ISC BIND
Server applications /
DNS servers
Vendor:
ISC
Description
The vulnerability allows a remote attacker to cause the target service to crash.
The vulnerability exists due to boundary error in BIND. A remote unauthenticated attacker can cause the target BIND server to crash by sending a specially crafted request with a query name and a search list entry that exceeds the maximum allowable length.
Systems using the lightweight resolution protocol via either the 'lwresd' utility or via named using the "lwres" statement in 'named.conf' are affected.
Successful exploitation of this vulnerability may result in denial of service.
Mitigation
The vendor has issued a fix (9.9.9-P2, 9.10.4-P2).
Vulnerable software versions
ISC BIND: 9.10.0 - 9.11.0b1
:
: 9.9.9-P1
External links
https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.