cvelistv5 - cve-2006-3441

CVE-2006-3441 (GCVE-0-2006-3441)

Vulnerability from cvelistv5 – Published: 2006-08-09 01:00 – Updated: 2024-08-07 18:30

Summary

Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://securitytracker.com/id?1016653	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://xforce.iss.net/xforce/alerts/id/233	third-party-advisoryx_refsource_ISS
	http://xforce.iss.net/xforce/alerts/id/235	third-party-advisoryx_refsource_ISS
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/3211	vdb-entryx_refsource_VUPEN
	http://www.kb.cert.org/vuls/id/794580	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/21394	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.osvdb.org/27844	vdb-entryx_refsource_OSVDB
	http://www.us-cert.gov/cas/techalerts/TA06-220A.html	third-party-advisoryx_refsource_CERT
	http://www.securityfocus.com/bid/19404	vdb-entryx_refsource_BID
	http://xforce.iss.net/xforce/alerts/id/234	third-party-advisoryx_refsource_ISS
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:30:33.285Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS06-041",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
          },
          {
            "name": "1016653",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016653"
          },
          {
            "name": "win-dns-client-bo(28013)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
          },
          {
            "name": "20060808 Microsoft DNS Client Character String Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/xforce/alerts/id/233"
          },
          {
            "name": "20060808 Microsoft DNS Client Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/xforce/alerts/id/235"
          },
          {
            "name": "dns-data-string-bo(28240)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
          },
          {
            "name": "ADV-2006-3211",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3211"
          },
          {
            "name": "VU#794580",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/794580"
          },
          {
            "name": "21394",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21394"
          },
          {
            "name": "oval:org.mitre.oval:def:723",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
          },
          {
            "name": "27844",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27844"
          },
          {
            "name": "TA06-220A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
          },
          {
            "name": "19404",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19404"
          },
          {
            "name": "20060808 Microsoft DNS Client ATMA Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/xforce/alerts/id/234"
          },
          {
            "name": "dns-rrdatalen-underflow(24586)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS06-041",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
        },
        {
          "name": "1016653",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016653"
        },
        {
          "name": "win-dns-client-bo(28013)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
        },
        {
          "name": "20060808 Microsoft DNS Client Character String Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/xforce/alerts/id/233"
        },
        {
          "name": "20060808 Microsoft DNS Client Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/xforce/alerts/id/235"
        },
        {
          "name": "dns-data-string-bo(28240)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
        },
        {
          "name": "ADV-2006-3211",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3211"
        },
        {
          "name": "VU#794580",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/794580"
        },
        {
          "name": "21394",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21394"
        },
        {
          "name": "oval:org.mitre.oval:def:723",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
        },
        {
          "name": "27844",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27844"
        },
        {
          "name": "TA06-220A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
        },
        {
          "name": "19404",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19404"
        },
        {
          "name": "20060808 Microsoft DNS Client ATMA Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/xforce/alerts/id/234"
        },
        {
          "name": "dns-rrdatalen-underflow(24586)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-3441",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS06-041",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
            },
            {
              "name": "1016653",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016653"
            },
            {
              "name": "win-dns-client-bo(28013)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
            },
            {
              "name": "20060808 Microsoft DNS Client Character String Buffer Overflow Vulnerability",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/xforce/alerts/id/233"
            },
            {
              "name": "20060808 Microsoft DNS Client Integer Overflow Vulnerability",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/xforce/alerts/id/235"
            },
            {
              "name": "dns-data-string-bo(28240)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
            },
            {
              "name": "ADV-2006-3211",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3211"
            },
            {
              "name": "VU#794580",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/794580"
            },
            {
              "name": "21394",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21394"
            },
            {
              "name": "oval:org.mitre.oval:def:723",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
            },
            {
              "name": "27844",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27844"
            },
            {
              "name": "TA06-220A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
            },
            {
              "name": "19404",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19404"
            },
            {
              "name": "20060808 Microsoft DNS Client ATMA Buffer Overflow Vulnerability",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/xforce/alerts/id/234"
            },
            {
              "name": "dns-rrdatalen-underflow(24586)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-3441",
    "datePublished": "2006-08-09T01:00:00",
    "dateReserved": "2006-07-07T00:00:00",
    "dateUpdated": "2024-08-07T18:30:33.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*\", \"matchCriteriaId\": \"330B6798-5380-44AD-9B52-DF5955FA832C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2CA1674-A8A0-479A-9D80-344D3C563A24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"644E2E89-F3E3-4383-B460-424D724EE62F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*\", \"matchCriteriaId\": \"7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*\", \"matchCriteriaId\": \"91D6D065-A28D-49DA-B7F4-38421FF86498\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*\", \"matchCriteriaId\": \"B9687E6C-EDE9-42E4-93D0-C4144FEC917A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*\", \"matchCriteriaId\": \"FB2BE2DE-7B06-47ED-A674-15D45448F357\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fager en el servicio Client DNS en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de respuestas de registro manipulada. NOTA: Mientras MS06-041 implica que hay un solo asunto, hay m\\u00faltiples vulnerabilidades, relacionados con (1) desbordamiento de b\\u00fafer basado en pila en un respuesta de servidor DNS al cliente, (2) un respuesta de servidor DNS con registros ATMA mal formados, y (3)un gran p\\u00e9rdida de c\\u00e1lculo en los registros TXT, HINFO, X25, e ISDN.\"}]",
      "id": "CVE-2006-3441",
      "lastModified": "2024-11-21T00:13:37.680",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-08-09T01:04:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/21394\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://securitytracker.com/id?1016653\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/794580\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/27844\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.securityfocus.com/bid/19404\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA06-220A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3211\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/233\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/234\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/235\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/24586\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/28013\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/28240\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/21394\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016653\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/794580\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/27844\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/19404\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA06-220A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3211\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/233\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/234\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/235\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/24586\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/28013\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/28240\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3441\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2006-08-09T01:04:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fager en el servicio Client DNS en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas de registro manipulada. NOTA: Mientras MS06-041 implica que hay un solo asunto, hay m\u00faltiples vulnerabilidades, relacionados con (1) desbordamiento de b\u00fafer basado en pila en un respuesta de servidor DNS al cliente, (2) un respuesta de servidor DNS con registros ATMA mal formados, y (3)un gran p\u00e9rdida de c\u00e1lculo en los registros TXT, HINFO, X25, e ISDN.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*\",\"matchCriteriaId\":\"330B6798-5380-44AD-9B52-DF5955FA832C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2CA1674-A8A0-479A-9D80-344D3C563A24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"644E2E89-F3E3-4383-B460-424D724EE62F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*\",\"matchCriteriaId\":\"91D6D065-A28D-49DA-B7F4-38421FF86498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*\",\"matchCriteriaId\":\"B9687E6C-EDE9-42E4-93D0-C4144FEC917A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*\",\"matchCriteriaId\":\"FB2BE2DE-7B06-47ED-A674-15D45448F357\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/21394\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://securitytracker.com/id?1016653\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/794580\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/27844\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/19404\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-220A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3211\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/233\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/234\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/235\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24586\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28013\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28240\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/21394\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016653\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/794580\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/27844\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19404\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-220A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/233\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/234\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/235\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28240\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-3441

Vulnerability from fkie_nvd - Published: 2006-08-09 01:04 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://secunia.com/advisories/21394
secure@microsoft.com	http://securitytracker.com/id?1016653
secure@microsoft.com	http://www.kb.cert.org/vuls/id/794580	Patch, US Government Resource
secure@microsoft.com	http://www.osvdb.org/27844
secure@microsoft.com	http://www.securityfocus.com/bid/19404
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA06-220A.html	Patch, US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2006/3211
secure@microsoft.com	http://xforce.iss.net/xforce/alerts/id/233
secure@microsoft.com	http://xforce.iss.net/xforce/alerts/id/234
secure@microsoft.com	http://xforce.iss.net/xforce/alerts/id/235
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24586
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/28013
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/28240
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21394
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016653
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/794580	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/27844
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19404
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-220A.html	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3211
af854a3a-2127-422b-91ae-364da2661108	http://xforce.iss.net/xforce/alerts/id/233
af854a3a-2127-422b-91ae-364da2661108	http://xforce.iss.net/xforce/alerts/id/234
af854a3a-2127-422b-91ae-364da2661108	http://xforce.iss.net/xforce/alerts/id/235
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24586
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28013
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28240
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723

Impacted products

Vendor	Product	Version
microsoft	windows_2000	*
microsoft	windows_2003_server	64-bit
microsoft	windows_2003_server	sp1
microsoft	windows_2003_server	sp1
microsoft	windows_xp	*
microsoft	windows_xp	*
microsoft	windows_xp	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*",
              "matchCriteriaId": "330B6798-5380-44AD-9B52-DF5955FA832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CA1674-A8A0-479A-9D80-344D3C563A24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
              "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*",
              "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
              "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fager en el servicio Client DNS en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas de registro manipulada. NOTA: Mientras MS06-041 implica que hay un solo asunto, hay m\u00faltiples vulnerabilidades, relacionados con (1) desbordamiento de b\u00fafer basado en pila en un respuesta de servidor DNS al cliente, (2) un respuesta de servidor DNS con registros ATMA mal formados, y (3)un gran p\u00e9rdida de c\u00e1lculo en los registros TXT, HINFO, X25, e ISDN."
    }
  ],
  "id": "CVE-2006-3441",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-08-09T01:04:00.000",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/21394"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://securitytracker.com/id?1016653"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/794580"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.osvdb.org/27844"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/19404"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/3211"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://xforce.iss.net/xforce/alerts/id/233"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://xforce.iss.net/xforce/alerts/id/234"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://xforce.iss.net/xforce/alerts/id/235"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/794580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/27844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xforce.iss.net/xforce/alerts/id/233"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xforce.iss.net/xforce/alerts/id/234"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xforce.iss.net/xforce/alerts/id/235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2006-3441

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-3441

Aliases

CVE-2006-3441

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3441",
    "description": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.",
    "id": "GSD-2006-3441"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3441"
      ],
      "details": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.",
      "id": "GSD-2006-3441",
      "modified": "2023-12-13T01:19:57.633050Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2006-3441",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "MS06-041",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
          },
          {
            "name": "1016653",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016653"
          },
          {
            "name": "win-dns-client-bo(28013)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
          },
          {
            "name": "20060808 Microsoft DNS Client Character String Buffer Overflow Vulnerability",
            "refsource": "ISS",
            "url": "http://xforce.iss.net/xforce/alerts/id/233"
          },
          {
            "name": "20060808 Microsoft DNS Client Integer Overflow Vulnerability",
            "refsource": "ISS",
            "url": "http://xforce.iss.net/xforce/alerts/id/235"
          },
          {
            "name": "dns-data-string-bo(28240)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
          },
          {
            "name": "ADV-2006-3211",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3211"
          },
          {
            "name": "VU#794580",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/794580"
          },
          {
            "name": "21394",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21394"
          },
          {
            "name": "oval:org.mitre.oval:def:723",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
          },
          {
            "name": "27844",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/27844"
          },
          {
            "name": "TA06-220A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
          },
          {
            "name": "19404",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19404"
          },
          {
            "name": "20060808 Microsoft DNS Client ATMA Buffer Overflow Vulnerability",
            "refsource": "ISS",
            "url": "http://xforce.iss.net/xforce/alerts/id/234"
          },
          {
            "name": "dns-rrdatalen-underflow(24586)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-3441"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA06-220A",
              "refsource": "CERT",
              "tags": [
                "Patch",
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
            },
            {
              "name": "VU#794580",
              "refsource": "CERT-VN",
              "tags": [
                "Patch",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/794580"
            },
            {
              "name": "19404",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19404"
            },
            {
              "name": "1016653",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016653"
            },
            {
              "name": "21394",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/21394"
            },
            {
              "name": "27844",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/27844"
            },
            {
              "name": "20060808 Microsoft DNS Client Character String Buffer Overflow Vulnerability",
              "refsource": "ISS",
              "tags": [],
              "url": "http://xforce.iss.net/xforce/alerts/id/233"
            },
            {
              "name": "20060808 Microsoft DNS Client ATMA Buffer Overflow Vulnerability",
              "refsource": "ISS",
              "tags": [],
              "url": "http://xforce.iss.net/xforce/alerts/id/234"
            },
            {
              "name": "20060808 Microsoft DNS Client Integer Overflow Vulnerability",
              "refsource": "ISS",
              "tags": [],
              "url": "http://xforce.iss.net/xforce/alerts/id/235"
            },
            {
              "name": "ADV-2006-3211",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3211"
            },
            {
              "name": "dns-data-string-bo(28240)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
            },
            {
              "name": "win-dns-client-bo(28013)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
            },
            {
              "name": "dns-rrdatalen-underflow(24586)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
            },
            {
              "name": "oval:org.mitre.oval:def:723",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
            },
            {
              "name": "MS06-041",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-12T21:40Z",
      "publishedDate": "2006-08-09T01:04Z"
    }
  }
}

CERTA-2006-AVI-339

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités ont été identifiées dans le système d'exploitation Microsoft Windows, impliquant la fonction Winsock Hostname et le client DNS. Une personne malveillante pourrait exploiter l'une d'elles afin d'exécuter du code arbitraire à distance, et prendre le contrôle intégral de la machine vulnérable.

Description

Deux vulnérabilités, de type débordement de mémoire tampon, ont été identifiées dans le système d'exploitation Microsoft Windows, impliquant la fonction Winsock Hostname et le client DNS (pour Domain Name System). Celles-ci sont chargées de la résolution de noms, c'est-à-dire la gestion des noms de machines associées aux adresses IP. Winsock Hostname est une interface API procurant la fonction d'accès au protocole réseau DNS. Cette interface est utilisée par la majorité des applications nécessitant un accès réseau. Le client DNS est, quant à lui, nativement installé sur la plupart des machines pour effectuer la résolution de noms. Les deux partagent plusieurs fonctions en commun, comme gethostbyname().

Une personne maveillante peut exploiter à distance l'une de ces vulnérabilités pour exécuter du code arbitraire et prendre le contrôle de la machine vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows XP Professional x64 Edition ;
Microsoft	Windows	Microsoft Windows Server 2003 x64 Edition et Itanium Edition.
Microsoft	Windows	Microsoft Windows Server 2003 (Service Pack 1 inclus) ;
Microsoft	Windows	Microsoft Windows XP Service Pack 1 et Service Pack 2 ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS06-041 du 08 août 2006

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows XP Professional x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition et Itanium Edition.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 (Service Pack 1 inclus) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s, de type d\u00e9bordement de m\u00e9moire tampon, ont \u00e9t\u00e9\nidentifi\u00e9es dans le syst\u00e8me d\u0027exploitation Microsoft Windows, impliquant\nla fonction Winsock Hostname et le client DNS (pour Domain Name System).\nCelles-ci sont charg\u00e9es de la r\u00e9solution de noms, c\u0027est-\u00e0-dire la\ngestion des noms de machines associ\u00e9es aux adresses IP. Winsock Hostname\nest une interface API procurant la fonction d\u0027acc\u00e8s au protocole r\u00e9seau\nDNS. Cette interface est utilis\u00e9e par la majorit\u00e9 des applications\nn\u00e9cessitant un acc\u00e8s r\u00e9seau. Le client DNS est, quant \u00e0 lui, nativement\ninstall\u00e9 sur la plupart des machines pour effectuer la r\u00e9solution de\nnoms. Les deux partagent plusieurs fonctions en commun, comme\ngethostbyname().\n\nUne personne maveillante peut exploiter \u00e0 distance l\u0027une de ces\nvuln\u00e9rabilit\u00e9s pour ex\u00e9cuter du code arbitraire et prendre le contr\u00f4le\nde la machine vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3441"
    },
    {
      "name": "CVE-2006-3440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3440"
    }
  ],
  "links": [],
  "reference": "CERTA-2006-AVI-339",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-08-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me d\u0027exploitation\nMicrosoft Windows, impliquant la fonction Winsock Hostname et le client\nDNS. Une personne malveillante pourrait exploiter l\u0027une d\u0027elles afin\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance, et prendre le contr\u00f4le\nint\u00e9gral de la machine vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Winsock Hostname et le Client DNS de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-041 du 08 ao\u00fbt 2006",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx"
    }
  ]
}

CERTA-2006-AVI-339

Vulnerability from certfr_avis - Published: - Updated:

Description

Une personne maveillante peut exploiter à distance l'une de ces vulnérabilités pour exécuter du code arbitraire et prendre le contrôle de la machine vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows XP Professional x64 Edition ;
Microsoft	Windows	Microsoft Windows Server 2003 x64 Edition et Itanium Edition.
Microsoft	Windows	Microsoft Windows Server 2003 (Service Pack 1 inclus) ;
Microsoft	Windows	Microsoft Windows XP Service Pack 1 et Service Pack 2 ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS06-041 du 08 août 2006

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows XP Professional x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 x64 Edition et Itanium Edition.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2003 (Service Pack 1 inclus) ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP Service Pack 1 et Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s, de type d\u00e9bordement de m\u00e9moire tampon, ont \u00e9t\u00e9\nidentifi\u00e9es dans le syst\u00e8me d\u0027exploitation Microsoft Windows, impliquant\nla fonction Winsock Hostname et le client DNS (pour Domain Name System).\nCelles-ci sont charg\u00e9es de la r\u00e9solution de noms, c\u0027est-\u00e0-dire la\ngestion des noms de machines associ\u00e9es aux adresses IP. Winsock Hostname\nest une interface API procurant la fonction d\u0027acc\u00e8s au protocole r\u00e9seau\nDNS. Cette interface est utilis\u00e9e par la majorit\u00e9 des applications\nn\u00e9cessitant un acc\u00e8s r\u00e9seau. Le client DNS est, quant \u00e0 lui, nativement\ninstall\u00e9 sur la plupart des machines pour effectuer la r\u00e9solution de\nnoms. Les deux partagent plusieurs fonctions en commun, comme\ngethostbyname().\n\nUne personne maveillante peut exploiter \u00e0 distance l\u0027une de ces\nvuln\u00e9rabilit\u00e9s pour ex\u00e9cuter du code arbitraire et prendre le contr\u00f4le\nde la machine vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3441"
    },
    {
      "name": "CVE-2006-3440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3440"
    }
  ],
  "links": [],
  "reference": "CERTA-2006-AVI-339",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-08-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me d\u0027exploitation\nMicrosoft Windows, impliquant la fonction Winsock Hostname et le client\nDNS. Une personne malveillante pourrait exploiter l\u0027une d\u0027elles afin\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance, et prendre le contr\u00f4le\nint\u00e9gral de la machine vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Winsock Hostname et le Client DNS de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-041 du 08 ao\u00fbt 2006",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx"
    }
  ]
}

GHSA-9R48-HP5G-MCC9

Vulnerability from github – Published: 2022-05-01 07:09 – Updated: 2022-05-01 07:09

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3441"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-08-09T01:04:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.",
  "id": "GHSA-9r48-hp5g-mcc9",
  "modified": "2022-05-01T07:09:13Z",
  "published": "2022-05-01T07:09:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3441"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21394"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016653"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/794580"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27844"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19404"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3211"
    },
    {
      "type": "WEB",
      "url": "http://xforce.iss.net/xforce/alerts/id/233"
    },
    {
      "type": "WEB",
      "url": "http://xforce.iss.net/xforce/alerts/id/234"
    },
    {
      "type": "WEB",
      "url": "http://xforce.iss.net/xforce/alerts/id/235"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3441 (GCVE-0-2006-3441)

FKIE_CVE-2006-3441

GSD-2006-3441

CERTA-2006-AVI-339

Description

Solution

CERTA-2006-AVI-339

Description

Solution

GHSA-9R48-HP5G-MCC9

Tags

Sightings

Nomenclature