Think you have a false positive on this rule?

Sid 1-38281

Message

PROTOCOL-DNS ISC BIND totextinapl denial of service attempt

Summary

apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

Impact

CVSS base score 6.5 CVSS impact score 3.6 CVSS exploitability score 2.8 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE

CVE-2015-8704:

CVSS base score 6.5

CVSS impact score 3.6

CVSS exploitability score 2.8

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Detailed information

CVE-2015-8704: apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

Affected systems

  • isc bind 9.0
  • isc bind 9.0.1
  • isc bind 9.1
  • isc bind 9.1.1
  • isc bind 9.1.2
  • isc bind 9.1.3
  • isc bind 9.2
  • isc bind 9.2.0
  • isc bind 9.2.1
  • isc bind 9.2.2
  • isc bind 9.2.3
  • isc bind 9.2.4
  • isc bind 9.2.5
  • isc bind 9.2.6
  • isc bind 9.2.7
  • isc bind 9.3
  • isc bind 9.3.0
  • isc bind 9.3.1
  • isc bind 9.3.2
  • isc bind 9.3.3
  • isc bind 9.4
  • isc bind 9.4.0
  • isc bind 9.4.0a1
  • isc bind 9.4.0a2
  • isc bind 9.4.0a3
  • isc bind 9.4.0a4
  • isc bind 9.4.0a5
  • isc bind 9.4.0a6
  • isc bind 9.4.0b1
  • isc bind 9.4.0b2
  • isc bind 9.4.0b3
  • isc bind 9.4.0b4
  • isc bind 9.4.1
  • isc bind 9.4.2
  • isc bind 9.4.3
  • isc bind 9.4.3b1
  • isc bind 9.4.3b2
  • isc bind 9.4.3b3
  • isc bind 9.5
  • isc bind 9.5.0
  • isc bind 9.5.0-p1
  • isc bind 9.5.0-p2
  • isc bind 9.5.0-p2-w1
  • isc bind 9.5.0-p2-w2
  • isc bind 9.5.0a1
  • isc bind 9.5.0a2
  • isc bind 9.5.0a3
  • isc bind 9.5.0a4
  • isc bind 9.5.0a5
  • isc bind 9.5.0a6
  • isc bind 9.5.0a7
  • isc bind 9.5.0b1
  • isc bind 9.5.0b2
  • isc bind 9.5.0b3
  • isc bind 9.5.1
  • isc bind 9.5.1b1
  • isc bind 9.5.1b2
  • isc bind 9.5.1b3
  • isc bind 9.5.2
  • isc bind 9.5.2-p1
  • isc bind 9.5.2-p2
  • isc bind 9.5.2-p3
  • isc bind 9.5.2-p4
  • isc bind 9.5.2b1
  • isc bind 9.5.3
  • isc bind 9.5.3b1
  • isc bind 9.6-esv
  • isc bind 9.6-esv-r1
  • isc bind 9.6-esv-r2
  • isc bind 9.6-esv-r3
  • isc bind 9.6-esv-r4
  • isc bind 9.6-esv-r4-p1
  • isc bind 9.6-esv-r5
  • isc bind 9.6-esv-r5b1
  • isc bind 9.6-esv-r6
  • isc bind 9.6-esv-r7
  • isc bind 9.9.8
  • isc bind 9.10.1
  • isc bind 9.10.2
  • isc bind 9.10.3

Ease of attack

CVE-2015-8704:

Access Vector

Access Complexity

Authentication

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • kb.isc.org/article/AA-01335