Download
| Alert*
oval:org.secpod.oval:def:108106
unbound is installed oval:org.secpod.oval:def:1801567 unbound is installed oval:org.secpod.oval:def:108168 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:108105 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:1501235 The remote host is missing a patch containing a security fix, which affects the following package(s): unbound oval:org.secpod.oval:def:501705 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources. This update als ... oval:org.secpod.oval:def:63412 The host is installed with Unbound before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed DNS answers. Successful exploitation could allow attackers to make a single incoming query result in a large number of ou ... oval:org.secpod.oval:def:63415 The host is installed with Unbound before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the network message volume. Successful exploitation could allow attackers to make unbound enter into an infinite loop and thereby b ... oval:org.secpod.oval:def:63416 The host is installed with Unbound before 1.9.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the crafted NOTIFY query. Successful exploitation allow remote attackers to trigger a crash. oval:org.secpod.oval:def:204261 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources. This update als ... oval:org.secpod.oval:def:507302 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: the novel ghost domain where malicious users to trigger continued resolvability of malicious domain nam ... oval:org.secpod.oval:def:507352 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain ... oval:org.secpod.oval:def:114055 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:507699 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: NRDelegation attack leads to uncontrolled resource consumption For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:507718 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: NRDelegation attack leads to uncontrolled resource consumption For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:19500028 NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the su ... oval:org.secpod.oval:def:89050500 This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target . - CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could ... oval:org.secpod.oval:def:1506652 [1.16.2-3] - Fix NRDelegation attack leading to uncontrolled resource consumption oval:org.secpod.oval:def:1506735 [1.16.2-5] - Stop creating wrong devel manual pages [1.16.2-4] - Apply correctly previous change [1.16.2-3] - Fix NRDelegation attack leading to uncontrolled resource consumption oval:org.secpod.oval:def:1506175 [1.16.2-2] - Require openssl tool for unbound-keygen [1.16.2-1] - Update to 1.16.2 [1.16.0-2] - Restart keygen service before every unbound start [1.16.0-1] - Upgrade to 9.16.0 - Update to recent version with compatibility with RHEL8 - Ensure also source level compatibility with previous versio ... oval:org.secpod.oval:def:1601142 A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive resolve ... oval:org.secpod.oval:def:1801623 Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the configuration. Refe ... oval:org.secpod.oval:def:117270 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:117308 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:124284 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:124288 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:2600091 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. oval:org.secpod.oval:def:87149 [1.16.2-2] - Require openssl tool for unbound-keygen [1.16.2-1] - Update to 1.16.2 [1.16.0-3] - Disable ED25519 and ED448 in FIPS mode [1.16.0-2] - Restart keygen service before every unbound start [1.16.0-1] - Update to 1.16.0 [1.15.0-1] - Update to 1.15.0 - Update icannbundle.pem [1.13.2-1] ... oval:org.secpod.oval:def:5800110 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. The following packages have been upgraded to a later upstream version: unbound . Security Fix: * unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain ... oval:org.secpod.oval:def:2500855 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. oval:org.secpod.oval:def:205588 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: incomplete fix for CVE-2020-12662 in RHEL7 For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the C ... oval:org.secpod.oval:def:205579 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: amplification of an incoming query into a large number of queries directed to a target * unbound: infinite loop via malformed DNS answers received from upstream servers For more detai ... oval:org.secpod.oval:def:89000641 This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target . - CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could ... oval:org.secpod.oval:def:113959 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:113979 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:1702110 A vulnerability named 'Non-Responsive Delegation Attack' has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies ... oval:org.secpod.oval:def:1702085 NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the su ... oval:org.secpod.oval:def:1702136 A vulnerability named 'Non-Responsive Delegation Attack' has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies ... oval:org.secpod.oval:def:1702126 NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the su ... oval:org.secpod.oval:def:509103 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources For more details about the security issue, including the i ... oval:org.secpod.oval:def:127189 Unbound is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular comp ... oval:org.secpod.oval:def:1702159 Certain DNSSEC aspects of the DNS protocol allow remote attackers to cause a denial of service via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification implies that an algorithm must evaluate all combinations of D ... oval:org.secpod.oval:def:1507361 [1.16.2-5.2] - bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator - bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources oval:org.secpod.oval:def:1507362 [1.16.2-3.1] - Fix DNSSEC validation vulnerabilities which can lead to DoS in trivially orchestrated attacks oval:org.secpod.oval:def:509045 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources For more details about the security issue, including the i ... oval:org.secpod.oval:def:3300842 SUSE Security Update: Security update for unbound oval:org.secpod.oval:def:1504899 [1.7.3-15] - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz#1714175 - Use system-wide crypto policy setting instead of custom setting - Resolves: rhbz#1842837 - Enable additional logging in unbound - Resolves: rhbz#1850460 - security hardening from x41 r ... oval:org.secpod.oval:def:89047597 This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack . - CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc . - CVE-2019-25033: Fixed integer ove ... oval:org.secpod.oval:def:2500475 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. oval:org.secpod.oval:def:73618 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: integer overflow in the regional allocator via regional_alloc * unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write * unbound: out-of-bound ... oval:org.secpod.oval:def:4501373 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix: * unbound: integer overflow in the regional allocator via regional_alloc * unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write * unbound: out-of-bound ... |