Unbound
by Nlnetlabs
CVEs (38)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50868 | | | 0.01 | — | 0.82 | | Feb 14, 2024 | The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC… |
| CVE-2020-12662 | | | 0.01 | — | 0.03 | | May 19, 2020 | Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. |
| CVE-2020-12663 | | | 0.01 | — | 0.04 | | May 19, 2020 | Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. |
| CVE-2011-1922 | | | 0.01 | — | 0.07 | | May 31, 2011 | daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling. |
| CVE-2024-8508 | | | 0.00 | — | 0.01 | | Oct 3, 2024 | NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying… |
| CVE-2024-1488 | | | 0.00 | — | 0.00 | | Feb 15, 2024 | A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This… |
| CVE-2022-3204 | | | 0.00 | — | 0.01 | | Sep 26, 2022 | A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by… |
| CVE-2022-30699 | | | 0.00 | — | 0.01 | | Aug 1, 2022 | NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to… |
| CVE-2022-30698 | | | 0.00 | — | 0.01 | | Aug 1, 2022 | NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation… |
| CVE-2019-25035 | | | 0.00 | — | 0.02 | | Apr 27, 2021 | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited |
| CVE-2020-28935 | | | 0.00 | — | 0.00 | | Dec 7, 2020 | NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an… |
| CVE-2020-10772 | | | 0.00 | — | 0.01 | | Nov 27, 2020 | An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower… |
| CVE-2019-18934 | | | 0.00 | — | 0.03 | | Nov 19, 2019 | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in… |
| CVE-2019-16866 | | | 0.00 | — | 0.04 | | Oct 3, 2019 | Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule. |
| CVE-2011-4869 | | | 0.00 | — | 0.03 | | Dec 20, 2011 | validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability… |
| CVE-2009-4008 | | | 0.00 | — | 0.03 | | Jun 2, 2011 | Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query. |
| CVE-2010-0969 | | | 0.00 | — | 0.03 | | Mar 16, 2010 | Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. |
| CVE-2009-3602 | | | 0.00 | — | 0.03 | | Oct 13, 2009 | Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses. |