Apple Computer, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

BlueCat Networks, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Check Point Software Technologies Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Conectiva Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Cray Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Debian GNU/Linux Affected

Notified:  August 23, 2006 Updated: September 11, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The Debian Security Team has published Debian Security Advisory DSA-1172 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

EMC, Inc. (formerly Data General Corporation) Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Engarde Secure Linux Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

F5 Networks, Inc. Affected

Notified:  August 23, 2006 Updated: September 07, 2006

Status

Affected

Vendor Statement

F5 was provided with advance notice of this advisory, and has prepared patches for all affected actively-supported versions of BIG-IP and Enterprise Manager. These patches will be released immediately upon final verification of test results.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Fedora Project Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

FreeBSD, Inc. Affected

Notified:  August 23, 2006 Updated: September 07, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The FreeBSD development team has published FreeBSD Security Advisory FreeBSD-SA-06:20.bind in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to. The bind9 FreeBSD port was also updated on 2006-09-06 to include patches for this issue. Users who obtain BIND from the FreeBSD ports collection are encourage to upgrade to this version (or later) of the port.

Fujitsu Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Gentoo Linux Affected

Notified:  August 23, 2006 Updated: October 02, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Gentoo has published Gentoo Linux Security Advisory GLSA 200609-11 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

Gnu ADNS Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

GNU glibc Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hewlett-Packard Company Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hitachi Not Affected

Notified:  August 23, 2006 Updated: September 05, 2006

Status

Not Affected

Vendor Statement

HI-UX/WE2 is NOT vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM Corporation Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM Corporation (zseries) Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM eServer Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Immunix Communications, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Infoblox Not Affected

Notified:  August 23, 2006 Updated: September 07, 2006

Status

Not Affected

Vendor Statement

The ISC BIND software Infoblox uses contains the underlying flaw, but Infoblox does not believe the vulnerability is exposed. Nonetheless, Infoblox has issued a patch to fix the underlying flaw and new releases of Infoblox NIOS software, DNSone 3.2r11-1 or NIOS 4.0.r1-3, are available for download. Infoblox recommends that customers upgrade to DNSone 3.2r11-1 or NIOS 4.0.r1-3. For more information and to download patches, please visit the Infoblox Support web site at http://www.infoblox.com/support.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Ingrian Networks, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Internet Software Consortium Affected

Notified:  July 03, 2006 Updated: September 06, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The Internet Software Consortium has published an alert on its BIND Vulnerabilities page (see CVE-2006-4095). Users who compile BIND from the original ISC source code distribution are encouraged to upgrade to BIND version 9.4.0b2, 9.3.3rc2, 9.3.2-P1, 9.2.7rc1, or 9.2.6-P1 (or later) as appropriate.

Juniper Networks, Inc. Not Affected

Notified:  August 23, 2006 Updated: September 05, 2006

Status

Not Affected

Vendor Statement

Juniper Networks products are not susceptible to this vulnerability

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Lucent Technologies Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Mandriva, Inc. Affected

Notified:  August 23, 2006 Updated: September 11, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Mandriva has published Mandriva Advisory MDKSA-2006:163 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

Men & Mice Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Metasolv Software, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Microsoft Corporation Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

MontaVista Software, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

NEC Corporation Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

NetBSD Affected

Notified:  August 23, 2006 Updated: October 02, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

NetBSD has published NetBSD Security Advisory 2006-022 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

Nokia Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Nortel Networks, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Novell, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

OpenBSD Affected

Notified:  August 23, 2006 Updated: September 07, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Patches for this issue were committed to the HEAD, OPENBSD_3_8, and OPENBSD_3_9 branches of OpenBSD CVS repository on 2006-09-05. Users of OpenBSD-current and OpenBSD-stable can obtain these patches via the usual mechanisms for CVS access.

OpenPKG Affected

Updated:  September 07, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The OpenPKG security team has published OpenPKG Security Advisory OpenPKG-SA-2006.019 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

Openwall GNU/*/Linux Affected

Notified:  August 23, 2006 Updated: September 11, 2006

Status

Affected

Vendor Statement

We have fixed these issues by updating to BIND 9.3.2-P1 (with our usual modifications) in Owl-current as of 2006/09/06 and Owl 2.0-stable as of 2006/09/09.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

QNX, Software Systems, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Red Hat, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

rPath Affected

Updated:  September 25, 2006

Status

Affected

Vendor Statement

rPath Security Advisory: 2006-0166-1 Published: 2006-09-08 Products: rPath Linux 1 Rating: Major Exposure Level Classification:    Remote Deterministic Denial of Service Updated Versions:    bind=/conary.rpath.com@rpl:devel//1/9.3.2_P1-0.1-1    bind-utils=/conary.rpath.com@rpl:devel//1/9.3.2_P1-0.1-1 References:    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096    https://issues.rpath.com/browse/RPL-626 Description:    Previous versions of the bind package are vulnerable to    to multiple remote denial of service attacks.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Shadowsupport Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Silicon Graphics, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Slackware Linux Inc. Affected

Notified:  August 23, 2006 Updated: October 02, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Slackware has published Slackware Security Advisory SSA:2006-257-01 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

Sony Corporation Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sun Microsystems, Inc. Not Affected

Notified:  August 23, 2006 Updated: September 14, 2006

Status

Not Affected

Vendor Statement

Sun does not ship a version of BIND which is impacted by CERT VU#697164 or VU#915404 in any of the currently supported releases of Solaris: Solaris 8, 9, and 10.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

SUSE Linux Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

The SCO Group Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Trustix Secure Linux Affected

Notified:  August 23, 2006 Updated: October 02, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Trustix has published Trustix Secure Linux Security Advisory #2006-0051 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.

Turbolinux Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Ubuntu Affected

Notified:  August 23, 2006 Updated: September 07, 2006

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The Ubuntu development team has published Ubuntu Security Notice USN-343-1 in response to this issue. Users are encouraged to review this notice and apply the patches it refers to.

Unisys Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Wind River Systems, Inc. Unknown

Notified:  August 23, 2006 Updated: August 23, 2006

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

View all 54 vendors View less vendors