CVE-2016-2775

bind: Too long query name causes segmentation fault in lwresd

Severity Score

5.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.

ISC BIND 9.x en versiones anteriores a 9.9.9-P2, 9.10.x en versiones anteriores a 9.10.4-P2 y 9.11.x en versiones anteriores a 9.11.0b2, cuando lwresd o la opción nombrada lwres está habilitada, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición larga que utiliza el protocolo ligero de resolución.

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or named when using the "lwres" statement in named.conf.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2016-02-26 CVE Reserved
2016-07-19 CVE Published
2024-08-05 CVE Updated
2024-11-22 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (18)

URL	Tag	Source
http://www.securityfocus.com/bid/92037	Third Party Advisory
http://www.securitytracker.com/id/1036360	Third Party Advisory
https://kb.isc.org/article/AA-01435	Broken Link
https://kb.isc.org/article/AA-01436	Broken Link
https://kb.isc.org/article/AA-01438	Broken Link
https://security.netapp.com/advisory/ntap-20160722-0002	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05321107	2023-11-07
https://kb.isc.org/article/AA-01393/74/CVE-2016-2775	2023-11-07

URL	Date	SRC
https://access.redhat.com/errata/RHBA-2017:0651	2023-11-07
https://access.redhat.com/errata/RHBA-2017:1767	2023-11-07
https://access.redhat.com/errata/RHSA-2017:2533	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7T2WJP5ELO4ZRSBXSETIZ3GAO6KOEFTA	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZUCSMEOZIZ2R2SKA4FPLTOVZHJBAOWC	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ5STNEUHBNEPUHJT7CYEVSMATFYMIX7	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TT754KDUJTKOASJODJX7FKHCOQ6EC7UX	2023-11-07
https://security.gentoo.org/glsa/201610-07	2023-11-07
https://access.redhat.com/security/cve/CVE-2016-2775	2017-08-24
https://bugzilla.redhat.com/show_bug.cgi?id=1357803	2017-08-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hp Search vendor "Hp"		Hp-ux Search vendor "Hp" for product "Hp-ux"				b.11.31 Search vendor "Hp" for product "Hp-ux" and version "b.11.31"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.0 <= 9.9.8 Search vendor "Isc" for product "Bind" and version " >= 9.0 <= 9.9.8"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				>= 9.10.0 <= 9.10.3 Search vendor "Isc" for product "Bind" and version " >= 9.10.0 <= 9.10.3"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		b1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		b2		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		p1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		rc1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		s1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.9.9 Search vendor "Isc" for product "Bind" and version "9.9.9"		s1rc1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.4 Search vendor "Isc" for product "Bind" and version "9.10.4"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.4 Search vendor "Isc" for product "Bind" and version "9.10.4"		beta1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.4 Search vendor "Isc" for product "Bind" and version "9.10.4"		beta2		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.4 Search vendor "Isc" for product "Bind" and version "9.10.4"		beta3		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.10.4 Search vendor "Isc" for product "Bind" and version "9.10.4"		p1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.0 Search vendor "Isc" for product "Bind" and version "9.11.0"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.0 Search vendor "Isc" for product "Bind" and version "9.11.0"		alpha1		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.0 Search vendor "Isc" for product "Bind" and version "9.11.0"		alpha2		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.0 Search vendor "Isc" for product "Bind" and version "9.11.0"		alpha3		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.11.0 Search vendor "Isc" for product "Bind" and version "9.11.0"		beta1		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				23 Search vendor "Fedoraproject" for product "Fedora" and version "23"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				24 Search vendor "Fedoraproject" for product "Fedora" and version "24"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.4 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.5 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.5"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.2 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.3 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				7.7 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0"		-		Affected