Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2016-9778

Good to know:

icon

Date: January 10, 2017

An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.

Language: C

Severity Score

Related Resources (7)

http://www.securityfocus.com/bid/95388
https://nvd.nist.gov/vuln/detail/CVE-2016-9778
https://kb.isc.org/article/AA-01442/
http://www.securitytracker.com/id/1037582
https://security.gentoo.org/glsa/201708-01
https://security.netapp.com/advisory/ntap-20180926-0005/
https://www.mend.io/vulnerability-database/CVE-2016-9778

Severity Score

Weakness Type (CWE)

Error Handling

CWE-388

Top Fix

icon

Upgrade Version

Upgrade to version v9_11_1_P1

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us