CVE-2010-0969
https://notcve.org/view.php?id=CVE-2010-0969
Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Unbound anterior v1.4.3 no alinea adecuadamente estructuras en plataformas 64-bit, lo que permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados. • http://bugs.gentoo.org/show_bug.cgi?id=309117 http://marc.info/?l=oss-security&m=126876222231747&w=2 http://osvdb.org/62903 http://secunia.com/advisories/38888 http://www.openwall.com/lists/oss-security/2010/03/12/3 http://www.securityfocus.com/bid/38701 http://www.unbound.net/pipermail/unbound-users/2010-March/001057.html • CWE-399: Resource Management Errors •
CVE-2009-3602
https://notcve.org/view.php?id=CVE-2009-3602
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses. Unbound anterior v1.3.4 no comprueba las firmas para registros NSEC3, lo que permite a atacantes remotos causar una delegación de seguridad para ser descargada a través de suplantación de DNS u otros ataques relativos al DNS conjuntamente con respuestas de delegación manipuladas. • http://osvdb.org/58836 http://secunia.com/advisories/36996 http://secunia.com/advisories/37913 http://unbound.net/pipermail/unbound-users/2009-October/000852.html http://www.debian.org/security/2009/dsa-1963 http://www.openwall.com/lists/oss-security/2009/10/09/2 http://www.openwall.com/lists/oss-security/2009/10/09/3 http://www.vupen.com/english/advisories/2009/2875 https://exchange.xforce.ibmcloud.com/vulnerabilities/53729 • CWE-310: Cryptographic Issues •