Vulnerability CVE-2006-3440 - CERT Civis.Net

Vulnerability Name:

CVE-2006-3440 (CCN-28014)

Assigned:

2006-08-08

Published:

2006-08-08

Updated:

2018-10-12

Summary:

Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability."

CVSS v3 Severity:

9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2006-3440

Source: CCN
Type: SA21394
Windows DNS Resolution Code Execution Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
21394

Source: CCN
Type: SECTRACK ID: 1016653
Windows Winsock and DNS Client Buffer Overflows Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1016653

Source: CCN
Type: ASA-2006-154
Windows Security Updates for August 2006 - (MS06-040 - MS06-051)

Source: CCN
Type: US-CERT VU#908276
Microsoft Winsock buffer overflow

Source: CERT-VN
Type: Patch, US Government Resource
VU#908276

Source: CCN
Type: Microsoft Security Bulletin MS06-041
Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683)

Source: BID
Type: UNKNOWN
19319

Source: CCN
Type: BID-19319
Microsoft Winsock Gethostbyname Buffer Overflow Vulnerability

Source: CCN
Type: US-CERT Technical Cyber Security Alert TA06-220A
Microsoft Windows, Office, and Internet Explorer Vulnerabilities

Source: CERT
Type: Patch, US Government Resource
TA06-220A

Source: VUPEN
Type: UNKNOWN
ADV-2006-3211

Source: MS
Type: UNKNOWN
MS06-041

Source: XF
Type: UNKNOWN
win-winsock-api-bo(28014)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:747

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:-::~~~~itanium~:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:*

OR cpe:/a:microsoft:windows_2003:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:747	V	Winsock Hostname Vulnerability	2011-05-09