CVE-2016-9131 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-9131 PUBLISHED

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.

EPSS 72.83% · 98.8th percentile

Risk Scores

EPSS Score

72.83%

98.8th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	bind9	0, 1:9.9.5.dfsg-11ubuntu1, 1:9.9.5.dfsg-12
Ubuntu:14.04:LTS	bind9	0, 1:9.9.5.dfsg-3ubuntu0.10, 1:9.9.3.dfsg.P2-4ubuntu1

Timeline

Jan 11, 2017 CVE Published
Feb 4, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Dec 16, 2023 EPSS Score
Dec 17, 2024 EPSS Score
Mar 27, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Apr 4, 2025 EPSS Score
Apr 7, 2025 EPSS Score
Apr 13, 2025 EPSS Score
Apr 14, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2016-9131 third-party-advisory
https://kb.isc.org/article/AA-01439/0 third-party-advisory
https://ubuntu.com/security/notices/USN-3172-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2016-9131 third-party-advisory

Open in Interactive Console →