Vulnerability Name:

CVE-2006-0527 (CCN-24414)

Assigned:2006-02-01
Published:2006-02-01
Updated:2018-10-19
Summary:BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBTU02095
SSRT051007 rev.1 - HP Tru64 UNIX Running DNS BIND Remote Unauthorized Privileged Access

Source: CCN
Type: BugTraq Mailing List, Thu Feb 09 2006 - 14:39:10 CST
[security bulletin] SSRT051007 rev.2 - HP Tru64 UNIX Running DNS BIND4/BIND8 with Forwarders: Remote Unauthorized Privileged Access

Source: VIM
Type: UNKNOWN
20060216 Recent HP advisories outline BIND problems

Source: MISC
Type: UNKNOWN
http://computerworld.com/networkingtopics/networking/story/0,10801,103744,00.html

Source: MITRE
Type: CNA
CVE-2006-0527

Source: CCN
Type: SA18690
HP Tru64 UNIX BIND4/BIND8 DNS Cache Poisoning Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
18690

Source: SREASON
Type: UNKNOWN
438

Source: SREASON
Type: UNKNOWN
748

Source: CCN
Type: SECTRACK ID: 1015551
HP Tru64 UNIX BIND Flaw Facilitates Cache Corruption Attacks and May Let Remote Users Gain Privileged Access

Source: SECTRACK
Type: Patch
1015551

Source: CCN
Type: SECTRACK ID: 1015606
HP Tru64 UNIX DNS BIND4/BIND8 Facilitates Cache Corruption Attacks

Source: SECTRACK
Type: Patch
1015606

Source: OSVDB
Type: UNKNOWN
22888

Source: CCN
Type: OSVDB ID: 22888
HP Tru64 UNIX DNS BIND Unspecified Remote Privilege Escalation

Source: HP
Type: UNKNOWN
SSRT051045

Source: BID
Type: UNKNOWN
16455

Source: CCN
Type: BID-16455
HP Tru64 DNS BIND Unspecified Remote Unauthorized Access Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0399

Source: HP
Type: UNKNOWN
HPSBTU02095

Source: XF
Type: UNKNOWN
tru64-dns-bind-unauth-access(24414)

Source: XF
Type: UNKNOWN
tru64-dns-bind-unauth-access(24414)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:isc:bind:4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8:*:*:*:-:*:*:*

    • Configuration CCN 1:
  • cpe:/o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    isc bind 4
    isc bind 8
    compaq tru64 4.0g_pk4_bl22
    compaq tru64 4.0f_pk8_bl22