CVE-2016-1285 (retired)

Priority
Description
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not
properly handle DNAME records when parsing fetch reply messages, which
allows remote attackers to cause a denial of service (assertion failure and
daemon exit) via a malformed packet to the rndc (aka control channel)
interface, related to alist.c and sexpr.c.
Assigned-to
mdeslaur
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:released (9.9.8-P4, 9.10.3-P4)
Ubuntu 12.04 ESM (Precise Pangolin):released (1:9.8.1.dfsg.P1-4ubuntu0.16)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1:9.10.3.dfsg.P4-1)
More Information

Updated: 2019-09-19 15:56:57 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)