PT-2006-4938 · Isc+1 · Bind+1
Joao Damas
·
Published
2006-09-05
·
Updated
2024-02-15
·
CVE-2006-4095
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
BIND versions 9.2.x through 9.2.6 and 9.3.x through 9.3.2
Description
The issue allows a remote attacker to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
Recommendations
For versions 9.2.x through 9.2.6, update to version 9.2.6-P1 or later.
For versions 9.3.x through 9.3.2, update to version 9.3.2-P1 or later.
Fix
DoS
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bind
Bind Server