CVE-2016-6170
Published Jul 6, 2016
Last updated 4 years ago
Overview
- Description
- ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "493B9A51-FA5C-4E94-871F-83AE4ED9EA1D",
"versionEndIncluding": "9.9.8",
"versionStartIncluding": "9.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "667502D2-746A-4FE6-8752-ED19ADA20981",
"versionEndIncluding": "9.10.3",
"versionStartIncluding": "9.10.0"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A2CF04B-BF26-43F9-8BF4-CEBB9BE3AE55"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81E0A500-84EA-47E2-9767-19D8D08CC344"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1E53DC4-53B9-4127-9B8D-96DFFD1E340F"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "376915CA-6BDB-423E-B216-64B098344DD9"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "477AA5E9-2C6F-4CCC-B596-F3DF5AAB13C3"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB2D2132-62E8-4E73-A0BF-4790DAFC5558"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:a1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D72B0718-8054-4C8C-8FAF-0DC79C3B4D4D"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:a2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F155EC7-B84E-4C05-908A-BFBAF2CE612D"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:a3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6C3D04E-B352-4124-A8A5-68AA90EC95DC"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:b1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E053C268-5C5F-4ED4-91CF-F8F795185C25"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
}
],
"operator": "OR"
}
]
}
]