[email protected]NVD:CVE-2006-4095

HistorySep 06, 2006 - 12:04 a.m.

CVE-2006-4095

2006-09-0600:04:00

CWE-617

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.076 Low

EPSS

Percentile

94.2%

JSON

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Affected configurations

NVD

Node

iscbindRange≤9.2.6

iscbindRange9.3.0–9.3.2

Node

canonicalubuntu_linuxMatch5.04

canonicalubuntu_linuxMatch5.10

canonicalubuntu_linuxMatch6.06

Node

applemac_os_xRange<10.3.9

applemac_os_xRange10.4.0–10.4.9

applemac_os_x_serverRange<10.3.9

applemac_os_x_serverRange10.4.0–10.4.9

References

docs.info.apple.com/article.html?artnum=305530

lists.apple.com/archives/security-announce/2007/May/msg00004.html

secunia.com/advisories/21752

secunia.com/advisories/21786

secunia.com/advisories/21816

secunia.com/advisories/21818

secunia.com/advisories/21828

secunia.com/advisories/21835

secunia.com/advisories/21838

secunia.com/advisories/21912

secunia.com/advisories/21926

secunia.com/advisories/22298

secunia.com/advisories/24950

secunia.com/advisories/25402

security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc

security.gentoo.org/glsa/glsa-200609-11.xml

securitytracker.com/id?1016794

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241

www.kb.cert.org/vuls/id/915404

www.mandriva.com/security/advisories?name=MDKSA-2006:163

www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en

www.novell.com/linux/security/advisories/2006_23_sr.html

www.novell.com/linux/security/advisories/2006_24_sr.html

www.openbsd.org/errata.html

www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html

www.securityfocus.com/archive/1/445600/100/0/threaded

www.securityfocus.com/bid/19859

www.ubuntu.com/usn/usn-343-1

www.us.debian.org/security/2006/dsa-1172

www.vupen.com/english/advisories/2006/3473

www.vupen.com/english/advisories/2007/1401

www.vupen.com/english/advisories/2007/1939

exchange.xforce.ibmcloud.com/vulnerabilities/28745

issues.rpath.com/browse/RPL-626

www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.076 Low

EPSS

Percentile

94.2%

JSON

Related for NVD:CVE-2006-4095

fedora1 redhatcve1 cve1 openvas13 cvelist1 ubuntucve1 nessus13 debiancve1 freebsd1 gentoo1 debian1 securityvulns1 freebsd_advisory1 slackware1 osv1 cert2 ubuntu1 seebug1