CVE-2016-1284

5.9MEDIUM

Key Information

Vendor: Isc
Status: Bind
Vendor: CVE Published:; 4 February 2016

Summary

rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query.

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Feb 4, 2016
Vulnerability Reserved.
Jan 4, 2016

Collectors

NVD DatabaseMitre Database