#VU31952 Input validation error in ISC BIND - CVE-2015-8704

Cybersecurity Help s.r.o.

Published: 2016-01-20 | Updated: 2020-07-27

Vulnerability identifier: #VU31952

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2015-8704

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ISC BIND
Server applications / DNS servers

Vendor: ISC

Description

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

Mitigation
Install update from vendor's website.

Vulnerable software versions

ISC BIND: 9.9.8-P3

External links
https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html
https://lists.fedoraproject.org/pipermail/package-announce/2016-February/178045.html
https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175973.html
https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00019.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00020.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00022.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00023.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00024.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00025.html
https://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html
https://marc.info/?l=bugtraq&m=145680832702035&w=2
https://rhn.redhat.com/errata/RHSA-2016-0073.html
https://rhn.redhat.com/errata/RHSA-2016-0074.html
https://www.debian.org/security/2016/dsa-3449
https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
https://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
https://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://www.securityfocus.com/bid/81329
https://www.securitytracker.com/id/1034739
https://www.ubuntu.com/usn/USN-2874-1
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01380
https://kb.isc.org/article/AA-01438
https://security.gentoo.org/glsa/201610-07
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:08.bind.asc

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell EMC Unisphere Central

Slackware Linux update for bind

SUSE Linux update for bind

OpenSUSE Linux update for bind

SUSE Linux update for bind

Input validation error in ISC BIND

Input validation error in bind (Alpine package)

SUSE Linux update for bind

Amazon Linux AMI update for bind