7.5
CVE-2006-4095
- EPSS 12.55%
- Veröffentlicht 06.09.2006 00:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version5.04
Canonical ≫ Ubuntu Linux Version5.10
Canonical ≫ Ubuntu Linux Version6.06
Apple ≫ macOS X Server Version < 10.3.9
Apple ≫ macOS X Server Version >= 10.4.0 < 10.4.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 12.55% | 0.957 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
http://www.openbsd.org/errata.html
http://www.novell.com/linux/security/advisories/2006_23_sr.html
http://docs.info.apple.com/article.html?artnum=305530
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
http://secunia.com/advisories/25402
http://www.vupen.com/english/advisories/2007/1939
http://secunia.com/advisories/24950
http://www.vupen.com/english/advisories/2007/1401
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
http://secunia.com/advisories/21752
http://secunia.com/advisories/21786
http://secunia.com/advisories/21816
http://secunia.com/advisories/21818
http://secunia.com/advisories/21828
http://secunia.com/advisories/21835
http://secunia.com/advisories/21838
http://secunia.com/advisories/21912
http://secunia.com/advisories/21926
http://secunia.com/advisories/22298
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc
http://security.gentoo.org/glsa/glsa-200609-11.xml
http://securitytracker.com/id?1016794
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241
http://www.kb.cert.org/vuls/id/915404
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
http://www.novell.com/linux/security/advisories/2006_24_sr.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html
http://www.securityfocus.com/archive/1/445600/100/0/threaded
http://www.securityfocus.com/bid/19859
http://www.ubuntu.com/usn/usn-343-1
http://www.us.debian.org/security/2006/dsa-1172
http://www.vupen.com/english/advisories/2006/3473
https://exchange.xforce.ibmcloud.com/vulnerabilities/28745
https://issues.rpath.com/browse/RPL-626