CVE-2006-0987
published 2006-03-03CVE-2006-0987: The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation…
medium5CVSS 3.1
AVNACLAuNCNINAP
EXPLOIT
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | < bind9 1:9.4.0-1 (bookworm) | bind9 1:9.4.0-1 (bookworm) |
| isc | bind | — | — |
| isc | bind9 | >= 0 < 1:9.4.0-1 | 1:9.4.0-1 |
| isc | bind9 | >= 0 < 1:9.4.0-1 | 1:9.4.0-1 |
| isc | bind9 | >= 0 < 1:9.4.0-1 | 1:9.4.0-1 |
| isc | bind9 | >= 0 < 1:9.4.0-1 | 1:9.4.0-1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM