VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 9, 2006· Updated Jun 16, 2026

CVE-2006-3441

CVE-2006-3441

Description

Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Microsoft/Windows 2000
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
  • Microsoft/Windows Server 20033 versions
    cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
  • Microsoft/Windows Xp3 versions
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
  • Microsoft/Windowsllm-fuzzy
    Range: 2000 SP4, XP SP1/SP2, Server 2003 SP1

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.