Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 11, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Debian Security Team has published Debian Security Advisory DSA-1172 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 07, 2006
Affected
F5 was provided with advance notice of this advisory, and has prepared patches for all affected actively-supported versions of BIG-IP and Enterprise Manager. These patches will be released immediately upon final verification of test results.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The FreeBSD development team has published FreeBSD Security Advisory FreeBSD-SA-06:20.bind in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to. The bind9 FreeBSD port was also updated on 2006-09-06 to include patches for this issue. Users who obtain BIND from the FreeBSD ports collection are encourage to upgrade to this version (or later) of the port.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: October 02, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Gentoo has published Gentoo Linux Security Advisory GLSA 200609-11 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 05, 2006
Not Affected
HI-UX/WE2 is NOT vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 07, 2006
Not Affected
The ISC BIND software Infoblox uses contains the underlying flaw, but Infoblox does not believe the vulnerability is exposed. Nonetheless, Infoblox has issued a patch to fix the underlying flaw and new releases of Infoblox NIOS software, DNSone 3.2r11-1 or NIOS 4.0.r1-3, are available for download. Infoblox recommends that customers upgrade to DNSone 3.2r11-1 or NIOS 4.0.r1-3. For more information and to download patches, please visit the Infoblox Support web site at http://www.infoblox.com/support.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 03, 2006 Updated: September 06, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Internet Software Consortium has published an alert on its BIND Vulnerabilities page (see CVE-2006-4095). Users who compile BIND from the original ISC source code distribution are encouraged to upgrade to BIND version 9.4.0b2, 9.3.3rc2, 9.3.2-P1, 9.2.7rc1, or 9.2.6-P1 (or later) as appropriate.
Notified: August 23, 2006 Updated: September 05, 2006
Not Affected
Juniper Networks products are not susceptible to this vulnerability
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 11, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Mandriva has published Mandriva Advisory MDKSA-2006:163 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: October 02, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
NetBSD has published NetBSD Security Advisory 2006-022 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Patches for this issue were committed to the HEAD, OPENBSD_3_8, and OPENBSD_3_9 branches of OpenBSD CVS repository on 2006-09-05. Users of OpenBSD-current and OpenBSD-stable can obtain these patches via the usual mechanisms for CVS access.
Updated: September 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The OpenPKG security team has published OpenPKG Security Advisory OpenPKG-SA-2006.019 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: September 11, 2006
Affected
We have fixed these issues by updating to BIND 9.3.2-P1 (with our usual modifications) in Owl-current as of 2006/09/06 and Owl 2.0-stable as of 2006/09/09.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 25, 2006
Affected
rPath Security Advisory: 2006-0166-1 Published: 2006-09-08 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: bind=/conary.rpath.com@rpl:devel//1/9.3.2_P1-0.1-1 bind-utils=/conary.rpath.com@rpl:devel//1/9.3.2_P1-0.1-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096 https://issues.rpath.com/browse/RPL-626 Description: Previous versions of the bind package are vulnerable to to multiple remote denial of service attacks.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: October 02, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Slackware has published Slackware Security Advisory SSA:2006-257-01 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 14, 2006
Not Affected
Sun does not ship a version of BIND which is impacted by CERT VU#697164 or VU#915404 in any of the currently supported releases of Solaris: Solaris 8, 9, and 10.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: October 02, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Trustix has published Trustix Secure Linux Security Advisory #2006-0051 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: September 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Ubuntu development team has published Ubuntu Security Notice USN-343-1 in response to this issue. Users are encouraged to review this notice and apply the patches it refers to.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: August 23, 2006 Updated: August 23, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.