Lucene search

K

RedhatCVELIST:CVE-2016-6170

HistoryJul 06, 2016 - 2:00 p.m.

CVE-2016-6170

2016-07-0614:00:00

redhat

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.9%

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.

References

www.openwall.com/lists/oss-security/2016/07/06/3

www.securityfocus.com/bid/91611

www.securitytracker.com/id/1036241

bugzilla.redhat.com/show_bug.cgi?id=1353563

github.com/sischkg/xfer-limit/blob/master/README.md

kb.isc.org/article/AA-01390

kb.isc.org/article/AA-01390/169/CVE-2016-6170

lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html

lists.dns-oarc.net/pipermail/dns-operations/2016-July/015073.html

lists.dns-oarc.net/pipermail/dns-operations/2016-July/015075.html

security.gentoo.org/glsa/201610-07

6.3 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.9%

Related for CVELIST:CVE-2016-6170

prion1 f52 redhatcve1 debiancve1 cve1 openvas14 ubuntucve1 nvd1 nessus19 osv1 fedora3 ubuntu1 freebsd1 ibm1 suse3 gentoo1