Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2011-4528
Disclosure Date: December 20, 2011 (last updated October 04, 2023)
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
0
Attacker Value
Unknown
CVE-2011-4869
Disclosure Date: December 20, 2011 (last updated October 04, 2023)
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.
0
Attacker Value
Unknown
CVE-2009-4008
Disclosure Date: June 02, 2011 (last updated October 04, 2023)
Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.
0
Attacker Value
Unknown
CVE-2010-0969
Disclosure Date: March 16, 2010 (last updated October 04, 2023)
Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
0
Attacker Value
Unknown
CVE-2009-3602
Disclosure Date: October 13, 2009 (last updated October 04, 2023)
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
0
