Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Unbound
(Nlnetlabs)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 31 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-01-23 | CVE-2017-15105 | A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof. | Ubuntu_linux, Debian_linux, Unbound | 5.3 | ||
| 2014-12-11 | CVE-2014-8602 | iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals. | Ubuntu_linux, Debian_linux, Unbound | N/A | ||
| 2011-05-31 | CVE-2011-1922 | daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling. | Unbound | N/A | ||
| 2010-03-16 | CVE-2010-0969 | Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | Unbound | N/A | ||
| 2011-06-02 | CVE-2009-4008 | Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query. | Unbound | N/A | ||
| 2009-10-13 | CVE-2009-3602 | Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses. | Unbound | N/A |