// For flags

CVE-2015-8704

bind: specific APL data could trigger an INSIST in apl_42.c

Severity Score

6.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

apl_42.c en ISC BIND 9.x en versiones anteriores a 9.9.8-P3, 9.9.x y 9.10.x en versiones anteriores a 9.10.3-P3 permite a usuarios remotos autenticados provocar una denegación de servicio (fallo de la afirmación INSIST y salida de demonio) a través de un registro Address Prefix List (APL) mal formado.

A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List (APL) records. A remote, authenticated attacker could use this flaw to cause named to crash.

There is an off-by-one error in a buffer size check when performing certain string formatting operations. Slaves using text-format db files could be vulnerable if receiving a malformed record in a zone transfer from their master. Masters using text-format db files could be vulnerable if they accept a malformed record in a DDNS update message. Recursive resolvers are potentially vulnerable when debug logging is enabled and if they are fed a deliberately malformed record by a malicious server. A server which has cached a specially constructed record could encounter this condition while performing 'rndc dumpdb'.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Complete
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-12-30 CVE Reserved
  • 2016-01-20 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (29)
URL Tag Source
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html X_refsource_confirm
http://www.securityfocus.com/bid/81329 Vdb Entry
http://www.securitytracker.com/id/1034739 Vdb Entry
https://kb.isc.org/article/AA-01438 X_refsource_confirm
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html 2018-10-30
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178045.html 2018-10-30
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175973.html 2018-10-30
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00019.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00020.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00022.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00023.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00024.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00025.html 2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html 2018-10-30
http://marc.info/?l=bugtraq&m=145680832702035&w=2 2018-10-30
http://rhn.redhat.com/errata/RHSA-2016-0073.html 2018-10-30
http://rhn.redhat.com/errata/RHSA-2016-0074.html 2018-10-30
http://www.debian.org/security/2016/dsa-3449 2018-10-30
http://www.ubuntu.com/usn/USN-2874-1 2018-10-30
https://kb.isc.org/article/AA-01335 2018-10-30
https://kb.isc.org/article/AA-01380 2018-10-30
https://security.gentoo.org/glsa/201610-07 2018-10-30
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:08.bind.asc 2018-10-30
https://access.redhat.com/security/cve/CVE-2015-8704 2016-01-27
https://bugzilla.redhat.com/show_bug.cgi?id=1299364 2016-01-27
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.0
Search vendor "Isc" for product "Bind" and version "9.0"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.0.1
Search vendor "Isc" for product "Bind" and version "9.0.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.1
Search vendor "Isc" for product "Bind" and version "9.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.1.1
Search vendor "Isc" for product "Bind" and version "9.1.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.1.2
Search vendor "Isc" for product "Bind" and version "9.1.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.1.3
Search vendor "Isc" for product "Bind" and version "9.1.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2
Search vendor "Isc" for product "Bind" and version "9.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.0
Search vendor "Isc" for product "Bind" and version "9.2.0"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.1
Search vendor "Isc" for product "Bind" and version "9.2.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.2
Search vendor "Isc" for product "Bind" and version "9.2.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.2
Search vendor "Isc" for product "Bind" and version "9.2.2"
p3
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.3
Search vendor "Isc" for product "Bind" and version "9.2.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.4
Search vendor "Isc" for product "Bind" and version "9.2.4"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.5
Search vendor "Isc" for product "Bind" and version "9.2.5"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.6
Search vendor "Isc" for product "Bind" and version "9.2.6"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2.7
Search vendor "Isc" for product "Bind" and version "9.2.7"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.3
Search vendor "Isc" for product "Bind" and version "9.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.3.0
Search vendor "Isc" for product "Bind" and version "9.3.0"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.3.1
Search vendor "Isc" for product "Bind" and version "9.3.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.3.2
Search vendor "Isc" for product "Bind" and version "9.3.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.3.3
Search vendor "Isc" for product "Bind" and version "9.3.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4
Search vendor "Isc" for product "Bind" and version "9.4"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4.0
Search vendor "Isc" for product "Bind" and version "9.4.0"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4.0
Search vendor "Isc" for product "Bind" and version "9.4.0"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4.1
Search vendor "Isc" for product "Bind" and version "9.4.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4.2
Search vendor "Isc" for product "Bind" and version "9.4.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4.3
Search vendor "Isc" for product "Bind" and version "9.4.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4.3
Search vendor "Isc" for product "Bind" and version "9.4.3"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5
Search vendor "Isc" for product "Bind" and version "9.5"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.0
Search vendor "Isc" for product "Bind" and version "9.5.0"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.0
Search vendor "Isc" for product "Bind" and version "9.5.0"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.1
Search vendor "Isc" for product "Bind" and version "9.5.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.1
Search vendor "Isc" for product "Bind" and version "9.5.1"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.1
Search vendor "Isc" for product "Bind" and version "9.5.1"
rc2
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.2
Search vendor "Isc" for product "Bind" and version "9.5.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.2
Search vendor "Isc" for product "Bind" and version "9.5.2"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.3
Search vendor "Isc" for product "Bind" and version "9.5.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.3
Search vendor "Isc" for product "Bind" and version "9.5.3"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
r5_p1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
r6_b1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
r6_rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
r6_rc2
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
r7_p1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
r7_p2
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.9.8
Search vendor "Isc" for product "Bind" and version "9.9.8"
p2
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.1
Search vendor "Isc" for product "Bind" and version "9.10.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.1
Search vendor "Isc" for product "Bind" and version "9.10.1"
p1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
b1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
p1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
p2
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
p3
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
p4
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.2
Search vendor "Isc" for product "Bind" and version "9.10.2"
rc1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.3
Search vendor "Isc" for product "Bind" and version "9.10.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.3
Search vendor "Isc" for product "Bind" and version "9.10.3"
p1
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.3
Search vendor "Isc" for product "Bind" and version "9.10.3"
p2
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.10.3
Search vendor "Isc" for product "Bind" and version "9.10.3"
rc1
Affected