Shodan
Vulnerabilities
Vulnerable Software
Nlnetlabs:  Security Vulnerabilities
CVE-2019-18934
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.
CVSS Score
7.3
EPSS Score
0.032
Published
2019-11-19
CVE-2013-5661
Cache Poisoning issue exists in DNS Response Rate Limiting.
CVSS Score
5.9
EPSS Score
0.035
Published
2019-11-05
CVE-2019-16866
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
CVSS Score
7.5
EPSS Score
0.035
Published
2019-10-03
CVE-2019-13207
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
CVSS Score
9.8
EPSS Score
0.02
Published
2019-07-03
CVE-2017-15105
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
CVSS Score
5.3
EPSS Score
0.027
Published
2018-01-23
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
CVSS Score
9.8
EPSS Score
0.027
Published
2017-11-17
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
CVSS Score
9.8
EPSS Score
0.023
Published
2017-11-17
CVE-2016-6173
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
CVSS Score
7.5
EPSS Score
0.029
Published
2017-02-09
CVE-2014-8602
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
CVSS Score
4.3
EPSS Score
0.252
Published
2014-12-11
CVE-2014-3209
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
CVSS Score
2.1
EPSS Score
0.004
Published
2014-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved