Lucene search

[email protected]CVE-2006-0987

HistoryMar 03, 2006 - 11:02 a.m.

CVE-2006-0987

2006-03-0311:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

4769

isc bind

denial of service

cve-2006-0987

dns queries

security vulnerability

9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.016 Low

EPSS

Percentile

87.2%

JSON

The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.

CPENameOperatorVersion
isc:bindisc bindeq9.3.2

CPE	Name	Operator	Version
isc:bind	isc bind	eq	9.3.2

References

dns.measurement-factory.com/surveys/sum1.html

kb.isc.org/article/AA-00269

www.securityfocus.com/archive/1/426368/100/0/threaded

www.us-cert.gov/reading_room/DNS-recursion121605.pdf

9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.016 Low

EPSS

Percentile

87.2%

JSON

Related for CVE-2006-0987

nessus8 openvas1 debiancve1 ubuntucve1 cvelist1 prion1 aix1 f52 nmap1