High severity7.5NVD Advisory· Published Sep 28, 2016· Updated Jun 17, 2026
CVE-2016-2776
CVE-2016-2776
Description
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
67cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*+ 40 more
- cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:a2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:p4:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:p4:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:a2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:a3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:p3:*:*:*:*:*:*range: <=9.9.9
- (no CPE)range: <9.9.9-P3, <9.10.4-P3, <9.11.0rc3
- cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*
- osv-coords17 versionspkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Manager%202.1pkg:rpm/suse/bind&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%205
< 9.10.3P4-21.1+ 16 more
- (no CPE)range: < 9.10.3P4-21.1
- (no CPE)range: < 9.9.9P1-46.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.9P1-46.1
- (no CPE)range: < 9.9.9P1-28.20.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.9P1-28.20.1
- (no CPE)range: < 9.9.9P1-46.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.9P1-46.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.6P1-0.30.1
- (no CPE)range: < 9.9.6P1-0.30.1
Patches
Vulnerability mechanics
References
17- www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.htmlnvdThird Party Advisory
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party Advisory
- kb.isc.org/article/AA-01419/0nvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2016-1944.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-1945.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-2099.htmlnvd
- www.securityfocus.com/bid/93188nvd
- www.securitytracker.com/id/1036903nvd
- kb.isc.org/article/AA-01435nvd
- kb.isc.org/article/AA-01436nvd
- kb.isc.org/article/AA-01438nvd
- security.freebsd.org/advisories/FreeBSD-SA-16:28.bind.ascnvd
- security.gentoo.org/glsa/201610-07nvd
- security.netapp.com/advisory/ntap-20160930-0001/nvd
- www.exploit-db.com/exploits/40453/nvd
News mentions
0No linked articles in our index yet.