Executive Summary
Summary | |
---|---|
Title | Unbound multiple denial-of-service vulnerabilities |
Information | |||
---|---|---|---|
Name | VU#209659 | First vendor Publication | 2011-12-19 |
Vendor | VU-CERT | Last vendor Modification | 2011-12-19 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Vulnerability Note VU#209659
Unbound multiple denial-of-service vulnerabilities

Overview
A specially crafted DNS query containing signed duplicate resource records or a malformed NSEC3 signed resource record may cause Unbound to crash.

I. Description
NLnetLabs advisory states:
== Description 1: crash on signed duplicate Resource Records
Additional details can be found in the full NLnetLabs Unbound advisory.

II. Impact
A remote, unauthenticated attacker could cause the Unbound daemon to crash creating a denial-of-service condition.

III. Solution
Apply an Update
This vulnerability has been addressed in Unbound 1.4.14 and 1.4.13p2. The following patch may also be applied to resolve the issue:
For unbound version 1.4.0 - 1.4.13 the patch is:

References
http://www.unbound.net/downloads/CVE-2011-4528.txt

Credit
This vulnerability was found by Christopher Olah and reported by NLnetLabs. This document was written by Michael Orlando.

Other Information
This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify |
Original Source
Url : http://www.kb.cert.org/vuls/id/209659 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15048 | |||
Oval ID: | oval:org.mitre.oval:def:15048 | ||
Title: | DSA-2370-1 unbound -- several | ||
Description: | It was discovered that Unbound, a recursive DNS resolver, would crash when processing certain malformed DNS responses from authoritative DNS servers, leading to denial of service. CVE-2011-4528 Unbound attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone. CVE-2011-4869 Unbound does not properly process malformed responses which lack expected NSEC3 records. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2370-1 CVE-2011-4528 CVE-2011-4869 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | unbound |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-04-02 | Name : Fedora Update for unbound FEDORA-2011-17282 File : nvt/gb_fedora_2011_17282_unbound_fc16.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2370-1 (unbound) File : nvt/deb_2370_1.nasl |
2012-01-09 | Name : Fedora Update for unbound FEDORA-2011-17337 File : nvt/gb_fedora_2011_17337_unbound_fc15.nasl |
2011-12-20 | Name : Unbound Multiple Denial of Service Vulnerabilities File : nvt/gb_unbound_51115.nasl |
0000-00-00 | Name : FreeBSD Ports: unbound File : nvt/freebsd_unbound0.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
77910 | Unbound NSEC3-Signed Zones Response Parsing Remote DoS |
77909 | Unbound Duplicate Resource Record Parsing Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-11-29 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201311-18.nasl - Type : ACT_GATHER_INFO |
2012-01-17 | Name : The remote name server is affected by multiple denial of service vulnerabilit... File : unbound_1_4_14.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2370.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-17282.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-17337.nasl - Type : ACT_GATHER_INFO |
2011-12-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7ba65bfd2a4011e1b96e00215af774f0.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 12:07:36 |
|