FKIE_CVE-2006-3441

Vulnerability from fkie_nvd - Published: 2006-08-09 01:04 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.
References
secure@microsoft.comhttp://secunia.com/advisories/21394
secure@microsoft.comhttp://securitytracker.com/id?1016653
secure@microsoft.comhttp://www.kb.cert.org/vuls/id/794580Patch, US Government Resource
secure@microsoft.comhttp://www.osvdb.org/27844
secure@microsoft.comhttp://www.securityfocus.com/bid/19404
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA06-220A.htmlPatch, US Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2006/3211
secure@microsoft.comhttp://xforce.iss.net/xforce/alerts/id/233
secure@microsoft.comhttp://xforce.iss.net/xforce/alerts/id/234
secure@microsoft.comhttp://xforce.iss.net/xforce/alerts/id/235
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041
secure@microsoft.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24586
secure@microsoft.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/28013
secure@microsoft.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/28240
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21394
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016653
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/794580Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27844
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/19404
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-220A.htmlPatch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3211
af854a3a-2127-422b-91ae-364da2661108http://xforce.iss.net/xforce/alerts/id/233
af854a3a-2127-422b-91ae-364da2661108http://xforce.iss.net/xforce/alerts/id/234
af854a3a-2127-422b-91ae-364da2661108http://xforce.iss.net/xforce/alerts/id/235
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24586
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/28013
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/28240
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723
Impacted products
Vendor Product Version
microsoft windows_2000 *
microsoft windows_2003_server 64-bit
microsoft windows_2003_server sp1
microsoft windows_2003_server sp1
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*",
              "matchCriteriaId": "330B6798-5380-44AD-9B52-DF5955FA832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CA1674-A8A0-479A-9D80-344D3C563A24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
              "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*",
              "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
              "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response.  NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fager en el servicio Client DNS en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas de registro manipulada. NOTA: Mientras MS06-041 implica que hay un solo asunto, hay m\u00faltiples vulnerabilidades, relacionados con (1) desbordamiento de b\u00fafer basado en pila en un respuesta de servidor DNS al cliente, (2) un respuesta de servidor DNS con registros ATMA mal formados, y (3)un gran p\u00e9rdida de c\u00e1lculo en los registros TXT, HINFO, X25, e ISDN."
    }
  ],
  "id": "CVE-2006-3441",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-08-09T01:04:00.000",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/21394"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://securitytracker.com/id?1016653"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/794580"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.osvdb.org/27844"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/19404"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/3211"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://xforce.iss.net/xforce/alerts/id/233"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://xforce.iss.net/xforce/alerts/id/234"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://xforce.iss.net/xforce/alerts/id/235"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/21394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/794580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/27844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19404"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xforce.iss.net/xforce/alerts/id/233"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xforce.iss.net/xforce/alerts/id/234"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://xforce.iss.net/xforce/alerts/id/235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28240"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.