PROTOCOL-DNS -- Snort alerted on a Domain Name Server (DNS) protocol issue. These packets travel over UDP on port 53 to serve DNS queries--user website requests through a browser. Several vulnerability use-cases exist (ie, additional data could be sent with a request, which would contact a DNS server pre-prepared to send information back and forth).
PROTOCOL-DNS ISC BIND isc__buffer_add assertion failure denial of service attempt
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. Impact: CVSS base score 7.5 CVSS impact score 3.6 CVSS exploitability score 3.9 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2016-2776 |
Loading description
|