Shodan
Vulnerabilities
Vulnerable Software
Nlnetlabs:  >> Ldns  Security Vulnerabilities
CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of the response. This makes applications, that use ldns for (stub) resolver functionality over UDP, vulnerable for off-path poisoning attacks. The drill tool, which is shipped with ldns, suffers from this vulnerability.
CVSS Score
8.2
EPSS Score
0.002
Published
2026-06-10
CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
CVSS Score
7.5
EPSS Score
0.015
Published
2022-01-21
CVE-2020-19860
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
CVSS Score
6.5
EPSS Score
0.013
Published
2022-01-21
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
CVSS Score
9.8
EPSS Score
0.027
Published
2017-11-17
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
CVSS Score
9.8
EPSS Score
0.023
Published
2017-11-17
CVE-2014-3209
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
CVSS Score
2.1
EPSS Score
0.004
Published
2014-11-16
CVE-2011-3581
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.
CVSS Score
6.8
EPSS Score
0.042
Published
2011-11-04
CVE-2009-1086
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field.
CVSS Score
6.4
EPSS Score
0.035
Published
2009-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved