rpm package
opensuse/nsd&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/nsd&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-28935 | — | < 4.3.7-1.2 | 4.3.7-1.2 | Dec 7, 2020 | NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an exis | ||
| CVE-2012-2979 | — | < 4.3.7-1.2 | 4.3.7-1.2 | Nov 1, 2019 | FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server. | ||
| CVE-2019-13207 | — | < 4.3.7-1.2 | 4.3.7-1.2 | Jul 3, 2019 | nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | ||
| CVE-2016-6173 | Hig | 7.5 | < 4.3.7-1.2 | 4.3.7-1.2 | Feb 9, 2017 | NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data. |
- CVE-2020-28935Dec 7, 2020affected < 4.3.7-1.2fixed 4.3.7-1.2
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an exis
- CVE-2012-2979Nov 1, 2019affected < 4.3.7-1.2fixed 4.3.7-1.2
FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
- CVE-2019-13207Jul 3, 2019affected < 4.3.7-1.2fixed 4.3.7-1.2
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
- affected < 4.3.7-1.2fixed 4.3.7-1.2
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.