Vulnerability Name: CVE-2006-4095 (CCN-28745)

Assigned: 2006-09-05
Published: 2006-09-05
Updated: 2018-10-17
Summary: BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2006-4095

Source: CCN
Type: Apple Security Update 2007-005
About Security Update 2007-005

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=305530

Source: CCN
Type: Apple Web site
Apple security updates

Source: CCN
Type: NetBSD-SA2006-022
BIND recursive query and SIG query processing

Source: APPLE
Type: UNKNOWN
APPLE-SA-2007-05-24

Source: CCN
Type: SA21752
ISC BIND Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
21752

Source: SECUNIA
Type: UNKNOWN
21786

Source: SECUNIA
Type: UNKNOWN
21816

Source: SECUNIA
Type: UNKNOWN
21818

Source: SECUNIA
Type: UNKNOWN
21828

Source: SECUNIA
Type: UNKNOWN
21835

Source: SECUNIA
Type: UNKNOWN
21838

Source: SECUNIA
Type: UNKNOWN
21912

Source: SECUNIA
Type: UNKNOWN
21926

Source: SECUNIA
Type: UNKNOWN
22298

Source: CCN
Type: SA24950
HP Insight Management Agents SSL Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
24950

Source: SECUNIA
Type: UNKNOWN
25402

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-06:20.bind

Source: GENTOO
Type: UNKNOWN
GLSA-200609-11

Source: CCN
Type: SECTRACK ID: 1016794
BIND Query Processing Bugs Let Remote Users Deny Service

Source: SECTRACK
Type: UNKNOWN
1016794

Source: SLACKWARE
Type: UNKNOWN
SSA:2006-257-01

Source: DEBIAN
Type: DSA-1172
bind9 -- programming error

Source: CCN
Type: GLSA-200609-11
BIND: Denial of Service

Source: CCN
Type: Internet Software Consortium (ISC) Web site
BIND (Berkeley Internet Name Domain) page

Source: CCN
Type: US-CERT VU#915404
BIND vulnerable to an assertion failure when querying for SIG records

Source: CERT-VN
Type: Patch, US Government Resource
VU#915404

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:163

Source: CCN
Type: NISCC Vulnerability Advisory 172003/NISCC/BIND9
Multiple DoS Vulnerabilities in the BIND 9 Software

Source: MISC
Type: Patch
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:023

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:024

Source: OPENBSD
Type: UNKNOWN
[3.9] 20060908 010: SECURITY FIX: September 8, 2006

Source: CCN
Type: OpenPKG-SA-2006.019
BIND

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2006.019

Source: CCN
Type: OSVDB ID: 28557
ISC BIND SIG Query Multiple RRsets Response DoS

Source: BUGTRAQ
Type: UNKNOWN
20060908 rPSA-2006-0166-1 bind bind-utils

Source: BID
Type: UNKNOWN
19859

Source: CCN
Type: BID-19859
ISC BIND Multiple Remote Denial of Service Vulnerabilities

Source: CCN
Type: TLSA-2006-27
bind denial of service attack

Source: CCN
Type: USN-343-1
bind9 vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-343-1

Source: DEBIAN
Type: UNKNOWN
DSA-1172

Source: VUPEN
Type: UNKNOWN
ADV-2006-3473

Source: VUPEN
Type: UNKNOWN
ADV-2007-1401

Source: VUPEN
Type: UNKNOWN
ADV-2007-1939

Source: XF
Type: UNKNOWN
bind-dnssec-rrset-dos(28745)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-626

Source: SUSE
Type: SUSE-SR:2006:024
SUSE Security Summary Report

Source: HP
Type: UNKNOWN
SSRT071304

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:isc:bind:9.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.2:*:*:*:-:*:*:*

Configuration CCN 1:
  • cpe:/a:isc:bind:9.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3:*:*:*:-:*:*:*
  • AND
  • cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.5:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20064095 | V | CVE-2006-4095 | 2015-11-16
oval:org.debian:def:1172 | V | programming error | 2006-09-09