Medium severity6.5NVD Advisory· Published Jan 20, 2016· Updated Jun 17, 2026
CVE-2015-8704
CVE-2015-8704
Description
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
79cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*+ 59 more
- cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.9.8:p2:*:*:*:*:*:*
- (no CPE)range: >= 9.0.0, < 9.9.8-P3 (9.9.x) / < 9.10.3-P3 (9.10.x)
- osv-coords19 versionspkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 9.10.3P4-21.1+ 18 more
- (no CPE)range: < 9.10.3P4-21.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-28.9.1
- (no CPE)range: < 9.9.6P1-35.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-28.9.1
- (no CPE)range: < 9.9.6P1-35.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-28.9.1
- (no CPE)range: < 9.9.6P1-35.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-0.22.1
- (no CPE)range: < 9.9.6P1-28.9.1
- (no CPE)range: < 9.9.6P1-35.1
Patches
Vulnerability mechanics
References
27- marc.infonvdThird Party Advisory
- kb.isc.org/article/AA-01335nvdVendor Advisory
- kb.isc.org/article/AA-01380nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-February/178045.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175973.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00019.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00020.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00022.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00023.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00024.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00025.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-0073.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-0074.htmlnvd
- www.debian.org/security/2016/dsa-3449nvd
- www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.htmlnvd
- www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.htmlnvd
- www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlnvd
- www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlnvd
- www.securityfocus.com/bid/81329nvd
- www.securitytracker.com/id/1034739nvd
- www.ubuntu.com/usn/USN-2874-1nvd
- kb.isc.org/article/AA-01438nvd
- security.gentoo.org/glsa/201610-07nvd
- www.freebsd.org/security/advisories/FreeBSD-SA-16:08.bind.ascnvd
News mentions
0No linked articles in our index yet.