Nsd
by Nlnetlabs
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6173 | Hig | 0.49 | 7.5 | 0.03 | Feb 9, 2017 | NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data. | ||
| CVE-2012-2978 | 0.01 | — | 0.09 | Jul 27, 2012 | query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet. | |||
| CVE-2020-28935 | 0.00 | — | 0.00 | Dec 7, 2020 | NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an… | |||
| CVE-2012-2979 | 0.00 | — | 0.02 | Nov 1, 2019 | FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server. | |||
| CVE-2019-13207 | 0.00 | — | 0.02 | Jul 3, 2019 | nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | |||
| CVE-2009-1755 | 0.00 | — | 0.03 | May 22, 2009 | Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer… |
- risk 0.49cvss 7.5epss 0.03
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
- CVE-2012-2978Jul 27, 2012risk 0.01cvss —epss 0.09
query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.
- CVE-2020-28935Dec 7, 2020risk 0.00cvss —epss 0.00
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an…
- CVE-2012-2979Nov 1, 2019risk 0.00cvss —epss 0.02
FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
- CVE-2019-13207Jul 3, 2019risk 0.00cvss —epss 0.02
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
- CVE-2009-1755May 22, 2009risk 0.00cvss —epss 0.03
Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer…