7.5

CVE-2006-4095

EPSS 8.75%
Published 06.09.2006 00:04:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Affected products Warnungen 0 Metrics 3 CWE 1 References 38

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Bind Version <= 9.2.6

Isc ≫ Bind Version >= 9.3.0 <= 9.3.2

Canonical ≫ Ubuntu Linux Version5.04

Canonical ≫ Ubuntu Linux Version5.10

Canonical ≫ Ubuntu Linux Version6.06

Apple ≫ macOS X Version < 10.3.9

Apple ≫ macOS X Version >= 10.4.0 < 10.4.9

Apple ≫ macOS X Server Version < 10.3.9

Apple ≫ macOS X Server Version >= 10.4.0 < 10.4.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	8.75%	0.922

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

http://www.openbsd.org/errata.html

Release Notes

http://www.novell.com/linux/security/advisories/2006_23_sr.html

Broken Link

http://docs.info.apple.com/article.html?artnum=305530

Broken Link

http://lists.apple.com/archives/security-announce/2007/May/msg00004.html

Mailing List

http://secunia.com/advisories/25402

Broken Link

http://www.vupen.com/english/advisories/2007/1939

Broken Link

http://secunia.com/advisories/24950

Broken Link

http://www.vupen.com/english/advisories/2007/1401

Broken Link

https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144

Broken Link

http://secunia.com/advisories/21752

Broken Link

http://secunia.com/advisories/21786

Broken Link

http://secunia.com/advisories/21816

Broken Link

http://secunia.com/advisories/21818

Broken Link

http://secunia.com/advisories/21828

Broken Link

http://secunia.com/advisories/21835

Broken Link

http://secunia.com/advisories/21838

Broken Link

http://secunia.com/advisories/21912

Broken Link

http://secunia.com/advisories/21926

Broken Link

http://secunia.com/advisories/22298

Broken Link

http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc

Third Party Advisory

http://security.gentoo.org/glsa/glsa-200609-11.xml

Third Party Advisory

http://securitytracker.com/id?1016794

Third Party Advisory

Broken Link

VDB Entry

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241

Broken Link

http://www.kb.cert.org/vuls/id/915404

Patch

Third Party Advisory

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2006:163

Broken Link

http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en

Patch

Broken Link

http://www.novell.com/linux/security/advisories/2006_24_sr.html

Broken Link

http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html

Broken Link

http://www.securityfocus.com/archive/1/445600/100/0/threaded

Third Party Advisory

Broken Link

VDB Entry

http://www.securityfocus.com/bid/19859

Third Party Advisory

Broken Link

VDB Entry

http://www.ubuntu.com/usn/usn-343-1

Third Party Advisory

http://www.us.debian.org/security/2006/dsa-1172

Broken Link

http://www.vupen.com/english/advisories/2006/3473

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/28745

Third Party Advisory

VDB Entry

https://issues.rpath.com/browse/RPL-626

Broken Link

https://nvd.nist.gov/vuln/detail/CVE-2006-4095

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4095

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4095

EUVD