VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-17aa-v6gc-rfa8

Essentials
Severities (38)
References (32)
Severity details (30)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-17aa-v6gc-rfa8
Aliases	CVE-2016-1285
Summary	Multiple vulnerabilities have been found in BIND, the worst of which could cause a Denial of Service condition.
Status	Published
Exploitability	0.5
Weighted Severity	2.5
Risk	1.2
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-617

Reachable Assertion

System	Score	Found at
ssvc	Track	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html
ssvc	Track	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html
ssvc	Track	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html
ssvc	Track	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html
ssvc	Track	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html
ssvc	Track	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html
ssvc	Track	http://marc.info/?l=bugtraq&m=146191105921542&w=2
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2016-0562.html
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2016-0601.html
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
epss	0.68972	https://api.first.org/data/v1/epss?cve=CVE-2016-1285
cvssv2	5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821
ssvc	Track	https://kb.isc.org/article/AA-01352
ssvc	Track	https://kb.isc.org/article/AA-01380
ssvc	Track	https://kb.isc.org/article/AA-01438
ssvc	Track	https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc
ssvc	Track	https://security.gentoo.org/glsa/201610-07
ssvc	Track	http://www.debian.org/security/2016/dsa-3511
ssvc	Track	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
ssvc	Track	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
ssvc	Track	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
ssvc	Track	http://www.securitytracker.com/id/1035236
ssvc	Track	http://www.ubuntu.com/usn/USN-2925-1

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1285.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-1285
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1035236		http://www.securitytracker.com/id/1035236
1315674		https://bugzilla.redhat.com/show_bug.cgi?id=1315674
178880.html		http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html
179911.html		http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html
181037.html		http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html
AA-01352		https://kb.isc.org/article/AA-01352
docDisplay?docId=emr_na-c05087821		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821
dsa-3511		http://www.debian.org/security/2016/dsa-3511
FreeBSD-SA-16:13.bind.asc		https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc
GLSA-201610-07		https://security.gentoo.org/glsa/201610-07
?l=bugtraq&m=146191105921542&w=2		http://marc.info/?l=bugtraq&m=146191105921542&w=2
msg00013.html		http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html
msg00046.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html
msg00053.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html
msg00070.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html
msg00072.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html
msg00075.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html
msg00079.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html
msg00084.html		http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html
RHSA-2016:0458		https://access.redhat.com/errata/RHSA-2016:0458
RHSA-2016:0459		https://access.redhat.com/errata/RHSA-2016:0459
RHSA-2016:0562		https://access.redhat.com/errata/RHSA-2016:0562
RHSA-2016-0562.html		http://rhn.redhat.com/errata/RHSA-2016-0562.html
RHSA-2016:0601		https://access.redhat.com/errata/RHSA-2016:0601
RHSA-2016-0601.html		http://rhn.redhat.com/errata/RHSA-2016-0601.html
USN-2925-1		https://usn.ubuntu.com/2925-1/
USN-2925-1		http://www.ubuntu.com/usn/USN-2925-1

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://marc.info/?l=bugtraq&m=146191105921542&w=2

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://rhn.redhat.com/errata/RHSA-2016-0562.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://rhn.redhat.com/errata/RHSA-2016-0601.html

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at https://kb.isc.org/article/AA-01352

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at https://kb.isc.org/article/AA-01380

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at https://kb.isc.org/article/AA-01438

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at https://security.gentoo.org/glsa/201610-07

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://www.debian.org/security/2016/dsa-3511

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://www.securitytracker.com/id/1035236

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/ Found at http://www.ubuntu.com/usn/USN-2925-1

Exploit Prediction Scoring System (EPSS)

Percentile	0.98619
EPSS Score	0.68972
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:58:38.791703+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201610-07	38.0.0