Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
11 CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure

CVE: CVE-2016-9444 Document Version: 2.0 Posting date: 11 Jan 2017 Program Impacted: BIND Versions affected: 9.6-ESV-R9 -> 9.6-ESV-R11-W1, 9.8.5 -> 9.8.8, 9.9.3 -> 9.9.9-P4, 9.9.9-S1 -> 9.9.9-S6, 9.10.0 -> 9.10.4-P4, 9.11.0 -> 9.11.0-P1…

12 CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure

CVE: CVE-2016-9147 Document Version: 2.0 Posting date: 11 Jan 2017 Program Impacted: BIND Versions affected: 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, 9.11.0-P1 Severity: High Exploitable: Remotely Description: Depending on the type of query and the EDNS options in…

13 CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion

CVE: CVE-2016-9131 Document Version: 2.0 Posting date: 11 Jan 2017 Program Impacted: BIND Versions affected: 9.4.0 -> 9.6-ESV-R11-W1, 9.8.5 -> 9.8.8, 9.9.3 -> 9.9.9-P4, 9.9.9-S1 -> 9.9.9-S6, 9.10.0 -> 9.10.4-P4, 9.11.0 -> 9.11.0-P1 Severity:…

14 CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure

CVE: CVE-2016-8864 Document Version: 2.0 Posting date: 1 November 2016 Program Impacted: BIND Versions affected: 9.0.x -> 9.8.x, 9.9.0 -> 9.9.9-P3, 9.9.3-S1 -> 9.9.9-S5, 9.10.0 -> 9.10.4-P3, 9.11.0 Severity: High Exploitable: Remotely Description:…

15 CVE-2016-2848: A packet with malformed options can trigger an assertion failure in ISC BIND versions released prior to May 2013 and in packages derived from releases prior to that date.

Please read the "Versions affected" and "Solutions" sections of this advisory carefully This article discusses a vulnerability in BIND that was corrected in ISC-distributed versions in May 2013. However, some versions of BIND distributed by other parties…

16 CVE-2016-2776: Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request

CVE: CVE-2016-2776 Document Version: 2.1 Posting date: 2016-09-27 Program Impacted: BIND Versions affected: 9.0.x -> 9.8.x, 9.9.0->9.9.9-P2, 9.9.3-S1->9.9.9-S3, 9.10.0->9.10.4-P2, 9.11.0a1->9.11.0rc1 Severity: High Exploitable: Remotely Description:…

17 CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd

Although not commonly used, the BIND package contains provisions to allow systems to resolve names using the lightweight resolver protocol, a protocol similar to (but distinct from) the normal DNS protocols. The lightweight resolver protocol can be used either…

18 CVE-2016-1285: An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c

CVE: CVE-2016-1285 Document Version: 2.0 Posting date: 09 March 2016 Program Impacted: BIND Versions affected: 9.2.0 -> 9.8.8, 9.9.0->9.9.8-P3, 9.9.3-S1->9.9.8-S5, 9.10.0->9.10.3-P3 Severity: High Exploitable: Remotely (on systems which accept…

19 CVE-2016-2088: A response containing multiple DNS cookies causes servers with cookie support enabled to exit with an assertion failure.

CVE: CVE-2016-2088 Document Version: 2.0 Posting date: 09 March 2016 Program Impacted: BIND Versions affected: 9.10.0 -> 9.10.3-P3 Severity: High Exploitable: Remotely Description: BIND 9.10 has preliminary support for DNS cookies (or source identity tokens),…

20 CVE-2016-1286: A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c

CVE: CVE-2016-1286 Document Version: 2.0 Posting date: 09 March 2016 Program Impacted: BIND Versions affected: 9.0.0 -> 9.8.8, 9.9.0 -> 9.9.8-P3, 9.9.3-S1 -> 9.9.8-S5, 9.10.0 -> 9.10.3-P3 Severity: High Exploitable: Remotely Description: An error…