[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:108106
unbound is installed

oval:org.secpod.oval:def:1801567
unbound is installed

oval:org.secpod.oval:def:108168
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:108105
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:1501235
The remote host is missing a patch containing a security fix, which affects the following package(s): unbound

oval:org.secpod.oval:def:501705
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources. This update als ...

oval:org.secpod.oval:def:63412
The host is installed with Unbound before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed DNS answers. Successful exploitation could allow attackers to make a single incoming query result in a large number of ou ...

oval:org.secpod.oval:def:63415
The host is installed with Unbound before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the network message volume. Successful exploitation could allow attackers to make unbound enter into an infinite loop and thereby b ...

oval:org.secpod.oval:def:63416
The host is installed with Unbound before 1.9.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the crafted NOTIFY query. Successful exploitation allow remote attackers to trigger a crash.

oval:org.secpod.oval:def:204261
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources. This update als ...

oval:org.secpod.oval:def:507302
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: the novel ghost domain where malicious users to trigger continued resolvability of malicious domain nam ...

oval:org.secpod.oval:def:507352
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain ...

oval:org.secpod.oval:def:114055
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:507699
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: NRDelegation attack leads to uncontrolled resource consumption For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ...

oval:org.secpod.oval:def:507718
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: NRDelegation attack leads to uncontrolled resource consumption For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ...

oval:org.secpod.oval:def:19500028
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the su ...

oval:org.secpod.oval:def:89050500
This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target . - CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could ...

oval:org.secpod.oval:def:1506652
[1.16.2-3] - Fix NRDelegation attack leading to uncontrolled resource consumption

oval:org.secpod.oval:def:1506735
[1.16.2-5] - Stop creating wrong devel manual pages [1.16.2-4] - Apply correctly previous change [1.16.2-3] - Fix NRDelegation attack leading to uncontrolled resource consumption

oval:org.secpod.oval:def:1506175
[1.16.2-2] - Require openssl tool for unbound-keygen [1.16.2-1] - Update to 1.16.2 [1.16.0-2] - Restart keygen service before every unbound start [1.16.0-1] - Upgrade to 9.16.0 - Update to recent version with compatibility with RHEL8 - Ensure also source level compatibility with previous versio ...

oval:org.secpod.oval:def:1601142
A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive resolve ...

oval:org.secpod.oval:def:1801623
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the configuration. Refe ...

oval:org.secpod.oval:def:117270
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:117308
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:124284
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:124288
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:2600091
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

oval:org.secpod.oval:def:87149
[1.16.2-2] - Require openssl tool for unbound-keygen [1.16.2-1] - Update to 1.16.2 [1.16.0-3] - Disable ED25519 and ED448 in FIPS mode [1.16.0-2] - Restart keygen service before every unbound start [1.16.0-1] - Update to 1.16.0 [1.15.0-1] - Update to 1.15.0 - Update icannbundle.pem [1.13.2-1] ...

oval:org.secpod.oval:def:5800110
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain ...

oval:org.secpod.oval:def:2500855
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

oval:org.secpod.oval:def:205588
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: incomplete fix for CVE-2020-12662 in RHEL7 For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the C ...

oval:org.secpod.oval:def:205579
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: amplification of an incoming query into a large number of queries directed to a target * unbound: infinite loop via malformed DNS answers received from upstream servers For more detai ...

oval:org.secpod.oval:def:89000641
This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target . - CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could ...

oval:org.secpod.oval:def:113959
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:113979
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:1702110
A vulnerability named 'Non-Responsive Delegation Attack' has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies ...

oval:org.secpod.oval:def:1702085
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the su ...

oval:org.secpod.oval:def:1702136
A vulnerability named 'Non-Responsive Delegation Attack' has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies ...

oval:org.secpod.oval:def:1702126
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the su ...

oval:org.secpod.oval:def:509103
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources For more details about the security issue, including the i ...

oval:org.secpod.oval:def:127189
Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ...

oval:org.secpod.oval:def:1702159
Certain DNSSEC aspects of the DNS protocol allow remote attackers to cause a denial of service via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification implies that an algorithm must evaluate all combinations of D ...

oval:org.secpod.oval:def:1507361
[1.16.2-5.2] - bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator - bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

oval:org.secpod.oval:def:1507362
[1.16.2-3.1] - Fix DNSSEC validation vulnerabilities which can lead to DoS in trivially orchestrated attacks

oval:org.secpod.oval:def:509045
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources For more details about the security issue, including the i ...

oval:org.secpod.oval:def:3300842
SUSE Security Update: Security update for unbound

oval:org.secpod.oval:def:1504899
[1.7.3-15] - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz#1714175 - Use system-wide crypto policy setting instead of custom setting - Resolves: rhbz#1842837 - Enable additional logging in unbound - Resolves: rhbz#1850460 - security hardening from x41 r ...

oval:org.secpod.oval:def:89047597
This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack . - CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc . - CVE-2019-25033: Fixed integer ove ...

oval:org.secpod.oval:def:2500475
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

oval:org.secpod.oval:def:73618
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: integer overflow in the regional allocator via regional_alloc * unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write * unbound: out-of-bound ...

oval:org.secpod.oval:def:4501373
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: integer overflow in the regional allocator via regional_alloc * unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write * unbound: out-of-bound ...

CVE    9
CVE-2020-12663
CVE-2019-16866
CVE-2019-18934
CVE-2020-12662
...
*CPE
cpe:/a:nlnetlabs:unbound

© SecPod Technologies