1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
Candidate: CVE-2015-8705
CRD: 2016-01-19 20:00:00
PublicDate: 2016-01-20
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
https://kb.isc.org/article/AA-01336
Description:
buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging
is enabled, allows remote attackers to cause a denial of service (REQUIRE
assertion failure and daemon exit, or daemon crash) or possibly have
unspecified other impact via (1) OPT data or (2) an ECS option.
Ubuntu-Description:
Notes:
tyhicks> Versions affected are 9.10.0 through 9.10.3-P2
Bugs:
Priority: medium
Discovered-by: Tatuya Jinmei
Assigned-to:
Patches_bind9:
upstream_bind9: released (9.9.8-P3,9.10.3-P3)
precise_bind9: not-affected
trusty_bind9: not-affected
vivid_bind9: not-affected
wily_bind9: not-affected
devel_bind9: not-affected (1:9.9.5.dfsg-12.1)
|