Nlnetlabs Unbound vulnerabilities

CVE-2019-25037 [HIGH] CWE-617 CVE-2019-25037: Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an inva Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

CVE-2019-25041 [HIGH] CWE-617 CVE-2019-25041: Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

CVE-2019-25036 [HIGH] CWE-617 CVE-2019-25036: Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The ven Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited

CVE-2019-25031 [MEDIUM] CWE-74 CVE-2019-25031: Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successfu Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configurati

CVE-2020-28935 [MEDIUM] CWE-59 CVE-2020-28935: NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including vers NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would

CVE-2020-10772 [HIGH] CWE-406 CVE-2020-10772: An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to versions of Unbound that shipped before the mentioned e

CVE-2020-12663 [HIGH] CWE-835 CVE-2020-12663: Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

CVE-2020-12662 [HIGH] CWE-400 CVE-2020-12662: Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

CVE-2019-18934 [HIGH] CWE-78 CVE-2019-18934: Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code ex Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.

CVE-2019-16866 [HIGH] CWE-755 CVE-2019-16866: Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.

CVE-2017-15105 [MEDIUM] CWE-358 CVE-2017-15105: A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An imp A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.

CVE-2014-8602 [MEDIUM] CWE-399 CVE-2014-8602: iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remot iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.

CVE-2011-4528 [MEDIUM] CVE-2011-4528: Unbound before 1 Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.

CVE-2011-4869 [MEDIUM] CVE-2011-4869: validator/val_nsec3 validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.

CVE-2009-4008 [MEDIUM] CWE-399 CVE-2009-4008: Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.

CVE-2011-1922 [MEDIUM] CWE-399 CVE-2011-1922: daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automat daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.

CVE-2010-0969 [MEDIUM] CWE-399 CVE-2010-0969: Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote att Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

CVE-2009-3602 [HIGH] CWE-310 CVE-2009-3602: Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote atta Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.