named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
History
No history.
Information
Published : 2016-03-09 23:59
Updated : 2025-04-12 10:46
NVD link : CVE-2016-1285
Mitre link : CVE-2016-1285
CVE.ORG link : CVE-2016-1285
JSON object : View
Products Affected
juniper
- vsrx
- srx210
- srx1400
- srx5600
- srx4100
- srx4300
- srx550
- srx240m
- srx240h2
- srx550_hm
- srx1600
- srx320
- srx340
- srx4200
- srx3400
- srx550m
- srx300
- srx110
- srx650
- srx345
- srx240
- srx1500
- junos
- srx220
- srx3600
- srx4000
- srx4700
- srx2300
- srx5000
- srx5800
- srx100
- srx5400
- srx380
- srx4600
isc
- bind
suse
- openstack_cloud
- manager
- linux_enterprise_desktop
- manager_proxy
- linux_enterprise_software_development_kit
- linux_enterprise_debuginfo
- linux_enterprise_server
opensuse
- leap
- opensuse
canonical
- ubuntu_linux
fedoraproject
- fedora
debian
- debian_linux
CWE