CVE-2015-5986

CWE-20 โ€” Improper Input Validation9 documents8 sources
Severity
7.1HIGH
EPSS
48.0%
top 2.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ISC BindApple MAC OS X Server
Timeline
PublishedSep 5
Latest updateMay 17

Description

openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages2 packages

โ–ถNVDisc/bind9.9.7+1
โ–ถNVDapple/mac_os_x_server5.0.15

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-q676-ggwg-j7vx: openpgpkey_61โ†—2022-05-17
โ–ถ
CVEList
CVE-2015-5986: openpgpkey_61โ†—2015-09-05
โ–ถ

๐Ÿ“‹Vendor Advisories

4
BSD
FreeBSD-SA-15:23.bind: BIND remote denial of service vulnerabilityโ†—2015-09-02
โ–ถ
Red Hat
Bind: fromwire_openpgpkey() incorrect boundary check Denial of Serviceโ†—2015-09-02
โ–ถ
Debian
CVE-2015-5986: bind9 - openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.1...โ†—2015
โ–ถ
Apple
CVE-2015-5986: OS X Server 5.0.15โ†—
โ–ถ

๐Ÿ’ฌCommunity

2
Bugzilla
CVE-2015-5986 bind99: Bind: fromwire_openpgpkey() incorrect boundary check Denial of Service [fedora-22]โ†—2015-09-03
โ–ถ
Bugzilla
CVE-2015-5986 Bind: fromwire_openpgpkey() incorrect boundary check Denial of Serviceโ†—2015-09-01
โ–ถ