CVE-2015-8705

7HIGH

Key Information

Vendor: Isc
Status: Bind
Vendor: CVE Published:; 20 January 2016

Summary

buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option.

EPSS Score

4% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jan 20, 2016
Vulnerability Reserved.
Dec 30, 2015

Collectors

NVD DatabaseMitre Database