Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2072

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2072
Last Modified 07 Mar 2011 09:35:06
Published 27 Apr 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2072

Summary

Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite.

Vulnerable Systems

Application

  • Delegate 7.7.0

  • Delegate 7.7.1

  • Delegate 7.8.0

  • Delegate 7.8.1

  • Delegate 7.8.2

  • Delegate 7.9.11

  • Delegate 8.10

  • Delegate 8.10.1

  • Delegate 8.10.2

  • Delegate 8.10.3

  • Delegate 8.10.4

  • Delegate 8.10.5

  • Delegate 8.10.6

  • Delegate 8.11

  • Delegate 8.11.1

  • Delegate 8.11.2

  • Delegate 8.11.3

  • Delegate 8.11.4

  • Delegate 8.11.5

  • Delegate 8.3.3

  • Delegate 8.3.4

  • Delegate 8.4.0

  • Delegate 8.5.0

  • Delegate 8.9

  • Delegate 8.9.1

  • Delegate 8.9.2

  • Delegate 8.9.3

  • Delegate 8.9.4

  • Delegate 8.9.5

  • Delegate 8.9.6

  • Delegate 9.0

  • Delegate 9.0.1

  • Delegate 9.0.2

  • Delegate 9.0.3

  • Delegate 9.0.4

  • Delegate 9.0.5


References

CERT-VN - VU#955777

BID - 17691

SECTRACK - 1015991

SECUNIA - 19750

VUPEN - ADV-2006-1506

VUPEN - ADV-2006-1505

MISC - http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en

MISC - http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en

XF - dns-improper-request-handling(26081)


Last Updated: 27 May 2016 10:42:19