Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2006-3441

Published: 09/08/2006 Updated: 12/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Windows 2003 Server

Vulnerability Summary

Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote malicious users to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 2003 server sp1

microsoft windows xp

microsoft windows 2000

microsoft windows 2003 server 64-bit

Exploits

Exploit DB: Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
#!/usr/bin/python #POC for MS06-041 #Run the python script passing the local ip address as parameter The DNS server #will start listening on this ip address for DNS hostname resolution queries #This script is for testing and educational purpose and so to test this one will #have to point the DNS resolver on the target/client to the ip address on ...

References

NVD-CWE-Otherhttp://www.us-cert.gov/cas/techalerts/TA06-220A.htmlhttp://www.kb.cert.org/vuls/id/794580http://www.securityfocus.com/bid/19404http://securitytracker.com/id?1016653http://secunia.com/advisories/21394http://www.osvdb.org/27844http://xforce.iss.net/xforce/alerts/id/233http://xforce.iss.net/xforce/alerts/id/234http://xforce.iss.net/xforce/alerts/id/235http://www.vupen.com/english/advisories/2006/3211https://exchange.xforce.ibmcloud.com/vulnerabilities/28240https://exchange.xforce.ibmcloud.com/vulnerabilities/28013https://exchange.xforce.ibmcloud.com/vulnerabilities/24586https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A723https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041https://nvd.nist.govhttps://www.exploit-db.com/exploits/2900/https://www.kb.cert.org/vuls/id/794580
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook