Vendor CVEs
Nlnetlabs
All CVEs
63 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18934 | 0.00 | — | 0.03 | Nov 19, 2019 | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in… | |||
| CVE-2012-2979 | 0.00 | — | 0.02 | Nov 1, 2019 | FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server. | |||
| CVE-2019-16866 | 0.00 | — | 0.04 | Oct 3, 2019 | Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule. | |||
| CVE-2019-13207 | 0.00 | — | 0.02 | Jul 3, 2019 | nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | |||
| CVE-2014-3209 | 0.00 | — | 0.00 | Nov 16, 2014 | The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file. | |||
| CVE-2011-4869 | 0.00 | — | 0.03 | Dec 20, 2011 | validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability… | |||
| CVE-2011-3581 | 0.00 | — | 0.04 | Nov 4, 2011 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a… | |||
| CVE-2009-4008 | 0.00 | — | 0.03 | Jun 2, 2011 | Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query. | |||
| CVE-2010-0969 | 0.00 | — | 0.03 | Mar 16, 2010 | Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | |||
| CVE-2009-3602 | 0.00 | — | 0.03 | Oct 13, 2009 | Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses. | |||
| CVE-2009-1755 | 0.00 | — | 0.03 | May 22, 2009 | Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer… | |||
| CVE-2009-1086 | 0.00 | — | 0.03 | Mar 25, 2009 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and… | |||
| CVE-2007-3377 | 0.00 | — | 0.02 | Jun 25, 2007 | Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for… |
- CVE-2019-18934Nov 19, 2019risk 0.00cvss —epss 0.03
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in…
- CVE-2012-2979Nov 1, 2019risk 0.00cvss —epss 0.02
FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
- CVE-2019-16866Oct 3, 2019risk 0.00cvss —epss 0.04
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
- CVE-2019-13207Jul 3, 2019risk 0.00cvss —epss 0.02
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
- CVE-2014-3209Nov 16, 2014risk 0.00cvss —epss 0.00
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
- CVE-2011-4869Dec 20, 2011risk 0.00cvss —epss 0.03
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability…
- CVE-2011-3581Nov 4, 2011risk 0.00cvss —epss 0.04
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a…
- CVE-2009-4008Jun 2, 2011risk 0.00cvss —epss 0.03
Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.
- CVE-2010-0969Mar 16, 2010risk 0.00cvss —epss 0.03
Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
- CVE-2009-3602Oct 13, 2009risk 0.00cvss —epss 0.03
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
- CVE-2009-1755May 22, 2009risk 0.00cvss —epss 0.03
Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer…
- CVE-2009-1086Mar 25, 2009risk 0.00cvss —epss 0.03
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and…
- CVE-2007-3377Jun 25, 2007risk 0.00cvss —epss 0.02
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for…
Page 2 of 2