CVE-2006-4096

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.

BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de una inundación de preguntas recurrentes, que causan una fallo de INSIST cuando se recibe la respuesta después de que la cola recursiva esté vacía.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-08-14 CVE Reserved
2006-09-06 CVE Published
2023-11-01 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (41)

URL	Tag	Source
http://docs.info.apple.com/article.html?artnum=305530	X_refsource_confirm
http://secunia.com/advisories/21752	Third Party Advisory
http://secunia.com/advisories/21786	Third Party Advisory
http://secunia.com/advisories/21790	Third Party Advisory
http://secunia.com/advisories/21816	Third Party Advisory
http://secunia.com/advisories/21818	Third Party Advisory
http://secunia.com/advisories/21828	Third Party Advisory
http://secunia.com/advisories/21835	Third Party Advisory
http://secunia.com/advisories/21838	Third Party Advisory
http://secunia.com/advisories/21912	Third Party Advisory
http://secunia.com/advisories/21926	Third Party Advisory
http://secunia.com/advisories/22298	Third Party Advisory
http://secunia.com/advisories/24950	Third Party Advisory
http://secunia.com/advisories/25402	Third Party Advisory
http://securitytracker.com/id?1016794	Vdb Entry
http://www.securityfocus.com/archive/1/445600/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/19859	Vdb Entry
http://www.vupen.com/english/advisories/2006/3473	Vdb Entry
http://www.vupen.com/english/advisories/2006/3511	Vdb Entry
http://www.vupen.com/english/advisories/2007/1401	Vdb Entry
http://www.vupen.com/english/advisories/2007/1939	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/28744	Vdb Entry
https://issues.rpath.com/browse/RPL-626	X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9623	Signature

URL	Date	SRC

URL	Date	SRC
http://www.kb.cert.org/vuls/id/697164	2018-10-17
http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en	2018-10-17

URL	Date	SRC
http://lists.apple.com/archives/security-announce/2007/May/msg00004.html	2018-10-17
http://marc.info/?l=bugtraq&m=141879471518471&w=2	2018-10-17
http://security.freebsd.org/advisories/FreeBSD-SA-06:20.bind.asc	2018-10-17
http://security.gentoo.org/glsa/glsa-200609-11.xml	2018-10-17
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.481241	2018-10-17
http://www-1.ibm.com/support/docview.wss?uid=isg1IY89169	2018-10-17
http://www-1.ibm.com/support/docview.wss?uid=isg1IY89178	2018-10-17
http://www.mandriva.com/security/advisories?name=MDKSA-2006:163	2018-10-17
http://www.novell.com/linux/security/advisories/2006_23_sr.html	2018-10-17
http://www.novell.com/linux/security/advisories/2006_24_sr.html	2018-10-17
http://www.openbsd.org/errata.html	2018-10-17
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.019.html	2018-10-17
http://www.ubuntu.com/usn/usn-343-1	2018-10-17
http://www.us.debian.org/security/2006/dsa-1172	2018-10-17
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144	2018-10-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.0 Search vendor "Isc" for product "Bind" and version "9.2.0"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.1 Search vendor "Isc" for product "Bind" and version "9.2.1"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.2 Search vendor "Isc" for product "Bind" and version "9.2.2"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.3 Search vendor "Isc" for product "Bind" and version "9.2.3"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.4 Search vendor "Isc" for product "Bind" and version "9.2.4"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.5 Search vendor "Isc" for product "Bind" and version "9.2.5"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.2.6 Search vendor "Isc" for product "Bind" and version "9.2.6"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.3 Search vendor "Isc" for product "Bind" and version "9.3"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.3.0 Search vendor "Isc" for product "Bind" and version "9.3.0"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.3.1 Search vendor "Isc" for product "Bind" and version "9.3.1"		-		Affected
Isc Search vendor "Isc"		Bind Search vendor "Isc" for product "Bind"				9.3.2 Search vendor "Isc" for product "Bind" and version "9.3.2"		-		Affected