vulnerability

SUSE: CVE-2016-1285: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
2016-03-09
Added
2016-03-22
Modified
2022-02-04

Description

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.

Solution(s)

suse-upgrade-bindsuse-upgrade-bind-chrootenvsuse-upgrade-bind-develsuse-upgrade-bind-devel-32bitsuse-upgrade-bind-docsuse-upgrade-bind-libssuse-upgrade-bind-libs-32bitsuse-upgrade-bind-libs-x86suse-upgrade-bind-utilssuse-upgrade-libbind9-160suse-upgrade-libbind9-1600suse-upgrade-libdns1605suse-upgrade-libdns169suse-upgrade-libirs-develsuse-upgrade-libirs160suse-upgrade-libirs1601suse-upgrade-libisc1606suse-upgrade-libisc166suse-upgrade-libisc166-32bitsuse-upgrade-libisccc160suse-upgrade-libisccc1600suse-upgrade-libisccfg160suse-upgrade-libisccfg1600suse-upgrade-liblwres160suse-upgrade-libns1604suse-upgrade-python-bindsuse-upgrade-python3-bind

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today