CVE-2015-5986 - Vulnerability Details - OpenCVE

openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X Server
Isc	Bind

Configuration 1 [-]

OR	cpe:2.3:a:isc:bind::p2::::::*
	cpe:2.3:a:isc:bind::p3::::::*

Configuration 2 [-]

cpe:2.3:o:apple:mac_os_x_server:5.0.15:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html
http://www.securityfocus.com/bid/76618
http://www.securitytracker.com/id/1033453
https://kb.isc.org/article/AA-01291
https://kb.isc.org/article/AA-01291/0
https://kb.isc.org/article/AA-01305
https://kb.isc.org/article/AA-01306
https://kb.isc.org/article/AA-01307
https://kb.isc.org/article/AA-01438
https://kc.mcafee.com/corporate/index?page=content&id=SB10134
https://nvd.nist.gov/vuln/detail/CVE-2015-5986
https://security.gentoo.org/glsa/201510-01
https://security.netapp.com/advisory/ntap-20190730-0001/
https://support.apple.com/HT205376
https://www.cve.org/CVERecord?id=CVE-2015-5986

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-09-05T01:00:00

Updated: 2024-08-06T07:06:35.031Z

Reserved: 2015-08-13T00:00:00

Link: CVE-2015-5986

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-09-05T02:59:04.367

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-5986

Redhat

Severity : Moderate

Publid Date: 2015-09-02T00:00:00Z

Links: CVE-2015-5986 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-09-02T00:00:00", "descriptions": [{"lang": "en", "value": "openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-30T17:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "APPLE-SA-2015-10-21-8", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/article/AA-01438"}, {"name": "FEDORA-2015-14954", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/HT205376"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10134"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/article/AA-01291"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/article/AA-01307"}, {"name": "GLSA-201510-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201510-01"}, {"name": "1033453", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033453"}, {"name": "76618", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/76618"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/article/AA-01305"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/article/AA-01306"}, {"name": "FEDORA-2015-14958", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190730-0001/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-5986", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2015-10-21-8", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html"}, {"name": "https://kb.isc.org/article/AA-01438", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01438"}, {"name": "FEDORA-2015-14954", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html"}, {"name": "https://support.apple.com/HT205376", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205376"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10134", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10134"}, {"name": "https://kb.isc.org/article/AA-01291", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01291"}, {"name": "https://kb.isc.org/article/AA-01307", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01307"}, {"name": "GLSA-201510-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201510-01"}, {"name": "1033453", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033453"}, {"name": "76618", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76618"}, {"name": "https://kb.isc.org/article/AA-01305", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01305"}, {"name": "https://kb.isc.org/article/AA-01306", "refsource": "CONFIRM", "url": "https://kb.isc.org/article/AA-01306"}, {"name": "FEDORA-2015-14958", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html"}, {"name": "https://security.netapp.com/advisory/ntap-20190730-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190730-0001/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:06:35.031Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2015-10-21-8", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/article/AA-01438"}, {"name": "FEDORA-2015-14954", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/HT205376"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10134"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/article/AA-01291"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/article/AA-01307"}, {"name": "GLSA-201510-01", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201510-01"}, {"name": "1033453", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033453"}, {"name": "76618", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/76618"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/article/AA-01305"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/article/AA-01306"}, {"name": "FEDORA-2015-14958", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190730-0001/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-5986", "datePublished": "2015-09-05T01:00:00", "dateReserved": "2015-08-13T00:00:00", "dateUpdated": "2024-08-06T07:06:35.031Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:p2:*:*:*:*:*:*", "matchCriteriaId": "E5DB42B0-9CB2-4BFC-A65F-7FD5B02E2A2C", "versionEndIncluding": "9.9.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:p3:*:*:*:*:*:*", "matchCriteriaId": "55E3AFE2-7622-4D11-ADCA-708E9E72BB0D", "versionEndIncluding": "9.10.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x_server:5.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "1B9E950F-9312-4352-A7CE-21D09A3456B5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response."}, {"lang": "es", "value": "Openpgpkey_61.c en demonio named en ISC BIND 9.9.7 en versiones anteriores a 9.9.7-P3 y 9.10.x en versiones anteriores a 9.10.2-P4, permite a atacantes remotos causar una denegaci\u00f3n de servicio (error en aserci\u00f3n REQUIRE y salida del demonio) a trav\u00e9s de una respuesta DNS manipulada."}], "id": "CVE-2015-5986", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-09-05T02:59:04.367", "references": [{"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/76618"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1033453"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://kb.isc.org/article/AA-01291"}, {"source": "cve@mitre.org", "url": "https://kb.isc.org/article/AA-01305"}, {"source": "cve@mitre.org", "url": "https://kb.isc.org/article/AA-01306"}, {"source": "cve@mitre.org", "url": "https://kb.isc.org/article/AA-01307"}, {"source": "cve@mitre.org", "url": "https://kb.isc.org/article/AA-01438"}, {"source": "cve@mitre.org", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10134"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201510-01"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20190730-0001/"}, {"source": "cve@mitre.org", "url": "https://support.apple.com/HT205376"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/76618"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033453"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.isc.org/article/AA-01291"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kb.isc.org/article/AA-01305"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kb.isc.org/article/AA-01306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kb.isc.org/article/AA-01307"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kb.isc.org/article/AA-01438"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10134"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201510-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20190730-0001/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT205376"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}