CVE-2006-4095

Publication date 6 September 2006

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

7.5 · High

Score breakdown

Description

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

Status

Package Ubuntu Release Status
bind9 7.04 feisty
Fixed 9.3.4-2ubuntu2.1
6.10 edgy
Fixed 9.3.2-2ubuntu3.2
6.06 LTS dapper
Fixed 9.3.2-2ubuntu1.3

Severity score breakdown

CVSS version: CVSS v3.0

Base score 7.5 · High

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-343-1
    • bind9 vulnerabilities
    • 8 September 2006

Other references

Access our resources on patching vulnerabilities