Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2016-9131

Disclosure Date: January 12, 2017 •

CVE-2016-9131 CVSS v3 Base Score: 7.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.5 High

Impact Score:

3.6

Exploitability Score:

3.9

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

debian,
isc,
netapp,
redhat

Products

bind,
bind 9.10.4,
bind 9.11.0,
bind 9.9.9,
data ontap edge -,
debian linux 8.0,
enterprise linux desktop 7.0,
enterprise linux eus 7.2,
enterprise linux eus 7.3,
enterprise linux eus 7.4,
enterprise linux eus 7.5,
enterprise linux eus 7.6,
enterprise linux eus 7.7,
enterprise linux server 7.0,
enterprise linux server aus 7.2,
enterprise linux server aus 7.3,
enterprise linux server aus 7.4,
enterprise linux server aus 7.6,
enterprise linux server aus 7.7,
enterprise linux server tus 7.2,
enterprise linux server tus 7.3,
enterprise linux server tus 7.6,
enterprise linux server tus 7.7,
enterprise linux server workstation 7.0,
hci management node -,
solidfire -,
steelstore cloud integrated storage -

References

Canonical

CVE-2016-9131 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131)

BID-95386 (http://www.securityfocus.com/bid/95386)

Advisory

SECTRACK-1037582 (http://www.securitytracker.com/id/1037582)

GLSA-201708-01 (https://security.gentoo.org/glsa/201708-01)

https://kb.isc.org/article/AA-01439/74/CVE-2016-9131

https://security.netapp.com/advisory/ntap-20180926-0005

DSA-3758 (http://www.debian.org/security/2017/dsa-3758)

https://access.redhat.com/errata/RHSA-2017:1583

http://rhn.redhat.com/errata/RHSA-2017-0062.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687

Rapid7

Unknown

CVE-2016-9131

Unknown

Unknown

None

None

Network

CVE-2016-9131

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2016-9131

Unknown

Unknown

None

None

Network

CVE-2016-9131

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification