Nlnetlabs Nsd vulnerabilities

7 known vulnerabilities affecting nlnetlabs/nsd.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2020-28935MEDIUMCVSS 5.5≥ 0, < 4.3.4-12020-12-07
CVE-2020-28935 [MEDIUM] CVE-2020-28935: NLnet Labs Unbound, up to and including version 1 NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink inste
osv
CVE-2013-5661MEDIUMCVSS 5.9v3.2.152019-11-05
CVE-2013-5661 [MEDIUM] CWE-290 CVE-2013-5661: Cache Poisoning issue exists in DNS Response Rate Limiting. Cache Poisoning issue exists in DNS Response Rate Limiting.
nvd
CVE-2012-2979HIGHCVSS 7.5≥ 0, < 4.0.0-52019-11-01
CVE-2012-2979 [HIGH] CVE-2012-2979: FreeBSD NSD before 3 FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
osv
CVE-2019-13207CRITICALCVSS 9.8≥ 0, < 4.2.4-12019-07-03
CVE-2019-13207 [CRITICAL] CVE-2019-13207: nsd-checkzone in NLnet Labs NSD 4 nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
osv
CVE-2016-6173HIGHCVSS 7.5≤ 4.1.102017-02-09
CVE-2016-6173 [HIGH] CWE-399 CVE-2016-6173: NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumpti NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
nvdosv
CVE-2012-2978MEDIUMCVSS 5.0v3.0.0v3.0.1+19 more2012-07-27
CVE-2012-2978 [MEDIUM] CWE-119 CVE-2012-2978: query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attac query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.
nvdosv
CVE-2009-1755MEDIUMCVSS 5.0v2.0.0v2.0.1+9 more2009-05-22
CVE-2009-1755 [MEDIUM] CWE-189 CVE-2009-1755: Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_que Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow.
nvdosv