Back to search
CVE-2016-6170
Published: Jul 6, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[dns-operations] 20160706 DNS activities in Japan
mailing-list
x_refsource_MLIST
[dns-operations] 20160706 DNS activities in Japan
mailing-list
x_refsource_MLIST
[oss-security] 20160706 Malicious primary DNS servers can crash secondaries
mailing-list
x_refsource_MLIST
1036241
vdb-entry
x_refsource_SECTRACK
[dns-operations] 20160704 DNS activities in Japan
mailing-list
x_refsource_MLIST
GLSA-201610-07
vendor-advisory
x_refsource_GENTOO
https://kb.isc.org/article/AA-01390
x_refsource_CONFIRM
91611
vdb-entry
x_refsource_BID
https://github.com/sischkg/xfer-limit/blob/master/README.md
x_refsource_MISC
https://kb.isc.org/article/AA-01390/169/CVE-2016-6170
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1353563
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now