CVE-2006-4095 · threatengine.sh

Home/CVE/BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain

CVE

CVE-2006-4095

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

HIGH · CVSS 7.5 EPSS 0.04881

Schedule remediation

CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-617Reachable Assertion

▤

Affected Products & Versions

7

isc bind<= 9.2.6
isc bind>= 9.3.0 and <= 9.3.2
canonical ubuntu linuxall versions
apple mac os x< 10.3.9
apple mac os x>= 10.4.0 and < 10.4.9
apple mac os x server< 10.3.9
apple mac os x server>= 10.4.0 and < 10.4.9

▣

Scoring & Timeline

7.5

HIGH · CVSS v3.1 · cve@mitre.org

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD06 Sep 2006 · 12:04 AM

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

⚑

Vendor Advisories

1

🔗

References & Sources

35

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://docs.info.apple.com/article.html?artnum=305530Broken Link

http://lists.apple.com/archives/security-announce/2007/May/msg00004.htmlMailing List

http://secunia.com/advisories/21752Broken Link

http://secunia.com/advisories/21786Broken Link

http://secunia.com/advisories/21816Broken Link

http://secunia.com/advisories/21818Broken Link

Show all 35 references

http://secunia.com/advisories/21828Broken Link

http://secunia.com/advisories/21835Broken Link

http://secunia.com/advisories/21838Broken Link

http://secunia.com/advisories/21912Broken Link

http://secunia.com/advisories/21926Broken Link

http://secunia.com/advisories/22298Broken Link

http://secunia.com/advisories/24950Broken Link

http://secunia.com/advisories/25402Broken Link

http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.ascThird Party Advisory

http://security.gentoo.org/glsa/glsa-200609-11.xmlThird Party Advisory

http://securitytracker.com/id?1016794Broken LinkThird Party AdvisoryVDB Entry

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241Broken Link

http://www.kb.cert.org/vuls/id/915404PatchThird Party AdvisoryUS Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2006:163Broken Link

http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=enBroken LinkPatch

http://www.novell.com/linux/security/advisories/2006_23_sr.htmlBroken Link

http://www.novell.com/linux/security/advisories/2006_24_sr.htmlBroken Link

http://www.openbsd.org/errata.htmlRelease Notes

http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.htmlBroken Link

http://www.securityfocus.com/archive/1/445600/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/19859Broken LinkThird Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/usn-343-1Third Party Advisory

http://www.us.debian.org/security/2006/dsa-1172Broken Link

http://www.vupen.com/english/advisories/2006/3473Broken Link

http://www.vupen.com/english/advisories/2007/1401Broken Link

http://www.vupen.com/english/advisories/2007/1939Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/28745Third Party AdvisoryVDB Entry

https://issues.rpath.com/browse/RPL-626Broken Link

https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144Broken Link

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin