CVE-2006-2072
First published: Thu Apr 27 2006(Updated: )
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Delegate | =7.7.0 | |
| Delegate | =7.7.1 | |
| Delegate | =7.8.0 | |
| Delegate | =7.8.1 | |
| Delegate | =7.8.2 | |
| Delegate | =7.9.11 | |
| Delegate | =8.3.3 | |
| Delegate | =8.3.4 | |
| Delegate | =8.4.0 | |
| Delegate | =8.5.0 | |
| Delegate | =8.9 | |
| Delegate | =8.9.1 | |
| Delegate | =8.9.2 | |
| Delegate | =8.9.3 | |
| Delegate | =8.9.4 | |
| Delegate | =8.9.5 | |
| Delegate | =8.9.6 | |
| Delegate | =8.10 | |
| Delegate | =8.10.1 | |
| Delegate | =8.10.2 | |
| Delegate | =8.10.3 | |
| Delegate | =8.10.4 | |
| Delegate | =8.10.5 | |
| Delegate | =8.10.6 | |
| Delegate | =8.11 | |
| Delegate | =8.11.1 | |
| Delegate | =8.11.2 | |
| Delegate | =8.11.3 | |
| Delegate | =8.11.4 | |
| Delegate | =8.11.5 | |
| Delegate | =9.0 | |
| Delegate | =9.0.1 | |
| Delegate | =9.0.2 | |
| ETL Delegate | =9.0.3 | |
| ETL Delegate | =9.0.4 | |
| ETL Delegate | =9.0.5 | |
| Delegate | =9.0.4 | |
| Delegate | =9.0.5 | |
| ETL Delegate | =8.9.3 | |
| ETL Delegate | =8.11.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
- http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en
- http://www.securityfocus.com/bid/17691
- http://securitytracker.com/id?1015991
- http://secunia.com/advisories/19750
- http://www.kb.cert.org/vuls/id/955777
- http://www.vupen.com/english/advisories/2006/1506
- http://www.vupen.com/english/advisories/2006/1505
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26081
Frequently Asked Questions
What is the severity of CVE-2006-2072?
CVE-2006-2072 has been identified with a potential risk of causing denial of service due to crafted DNS response messages.
How do I fix CVE-2006-2072?
To mitigate CVE-2006-2072, upgrade to DeleGate version 9.0.6 or later, or 8.11.6 or later.
What versions of DeleGate are affected by CVE-2006-2072?
CVE-2006-2072 affects DeleGate versions prior to 9.0.6 and 8.11.6, including various 7.x and 8.x versions.
What type of vulnerabilities does CVE-2006-2072 include?
CVE-2006-2072 includes vulnerabilities such as buffer over-read and infinite recursion.
Can CVE-2006-2072 lead to system crashes?
Yes, CVE-2006-2072 can lead to system crashes through segmentation faults or invalid memory access.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/event
- agent/first-publish-date
- agent/remedy
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/delegate
- product/delegate
- canonical/delegate delegate
- canonical/delegate
- version/delegate/7.7.0
- version/delegate/7.7.1
- version/delegate/7.8.0
- version/delegate/7.8.1
- version/delegate/7.8.2
- version/delegate/7.9.11
- version/delegate/8.3.3
- version/delegate/8.3.4
- version/delegate/8.4.0
- version/delegate/8.5.0
- version/delegate/8.9
- version/delegate/8.9.1
- version/delegate/8.9.2
- version/delegate/8.9.3
- version/delegate/8.9.4
- version/delegate/8.9.5
- version/delegate/8.9.6
- version/delegate/8.10
- version/delegate/8.10.1
- version/delegate/8.10.2
- version/delegate/8.10.3
- version/delegate/8.10.4
- version/delegate/8.10.5
- version/delegate/8.10.6
- version/delegate/8.11
- version/delegate/8.11.1
- version/delegate/8.11.2
- version/delegate/8.11.3
- version/delegate/8.11.4
- version/delegate/8.11.5
- version/delegate/9.0
- version/delegate/9.0.1
- version/delegate/9.0.2
- canonical/etl delegate
- version/etl delegate/9.0.3
- version/etl delegate/9.0.4
- version/etl delegate/9.0.5
- version/delegate/9.0.4
- version/delegate/9.0.5
- version/etl delegate/8.9.3
- version/etl delegate/8.11.1