CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25042 – unbound: out-of-bounds write via a compressed name in rdata_copy
https://notcve.org/view.php?id=CVE-2019-25042
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5 permite una escritura fuera de límites por medio de un nombre comprimido en la función rdata_copy. NOTA: El proveedor niega que esto sea una vulnerabilidad. Aunque el código puede ser vulnerable, una instalación de Unbound en funcionamiento no puede ser explotada de forma remota o local A flaw was found in unbound. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results https://security.netapp.com/advisory/ntap-20210507-0007 https://access.redhat.com/security/cve/CVE-2019-25042 https://bugzilla.redhat.com/show_bug.cgi?id=1954804 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-28935 – Local symlink attack in Unbound and NSD
https://notcve.org/view.php?id=CVE-2020-28935
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. • https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html https://security.gentoo.org/glsa/202101-38 https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt https://access.redhat.com/security/cve/CVE-2020-28935 https://bugzilla.redhat.com/show_bug.cgi?id=1878761 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2020-12662 – unbound: amplification of an incoming query into a large number of queries directed to a target
https://notcve.org/view.php?id=CVE-2020-12662
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. Unbound versiones anteriores a 1.10.1, presenta un Control Insuficiente del Volumen de Mensajes de Red, también se conoce como un problema de "NXNSAttack". Esto es activado por subdominios aleatorios en NSDNAME en registros NS. A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html http://www.nxnsattack.com http://www.openwall.com/lists/oss-security/2020/05/19/5 https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5NFROI2OMCZLYRTCNGHGO3TUD32LCIQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2020-12663 – unbound: infinite loop via malformed DNS answers received from upstream servers
https://notcve.org/view.php?id=CVE-2020-12663
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. Unbound versiones anteriores a 1.10.1, presenta un bucle infinito mediante respuestas DNS malformadas recibidas desde servidores aguas arriba. A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers are received from upstream servers. The highest threat from this vulnerability is to system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html http://www.openwall.com/lists/oss-security/2020/05/19/5 https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5NFROI2OMCZLYRTCNGHGO3TUD32LCIQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJ42N2HBZ3DXMSEC56SWIIOFQGOS5M7I h • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 16%CPEs: 2EXPL: 0CVE-2019-16866
https://notcve.org/view.php?id=CVE-2019-16866
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule. Unbound versiones anteriores a 1.9.4, accede a la memoria no inicializada, lo que permite a atacantes remotos desencadenar un bloqueo por medio de una consulta NOTIFY diseñada. La dirección IP del origen de la consulta debe coincidir con una regla de control de acceso. • https://github.com/NLnetLabs/unbound/blob/release-1.9.4/doc/Changelog https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E65NCWZZB2D75ZIYWPXKMVGSGNYW4JMC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLRHE7TQFAOV4MB2ELTOGESZYUL65NUJ https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt https://seclists.org/bugtraq/2019/Oct/23 https://usn.ubuntu.com/4149-1 https://www.debian.org/security/2019/dsa-4544 • CWE-755: Improper Handling of Exceptional Conditions CWE-908: Use of Uninitialized Resource •