nlnetlabs vulnerabilities and exploits

9.3
CVSSv2
CVE-2019-18934

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in...

2.6
CVSSv2
CVE-2013-5661

Cache Poisoning issue exists in DNS Response Rate Limiting....

5
CVSSv2
CVE-2019-16866

Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule....

7.5
CVSSv2
CVE-2019-13207

nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c....

5
CVSSv2
CVE-2017-15105

A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof....

7.5
CVSSv2
CVE-2017-1000232

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors....

NlnetlabsLdns
7.5
CVSSv2
CVE-2017-1000231

A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors....

NlnetlabsLdns
7.8
CVSSv2
CVE-2016-6173

NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data....

4.3
CVSSv2
CVE-2014-8602

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals....

2.1
CVSSv2
CVE-2014-3209

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file....