U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:nlnetlabs:unbound:0.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 24 matching records.
Displaying matches 21 through 24.
Vuln ID Summary CVSS Severity
CVE-2014-8602

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.

Published: December 10, 2014; 9:59:03 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-4008

Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.

Published: June 02, 2011; 4:55:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-0969

Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

Published: March 16, 2010; 3:00:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3602

Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.

Published: October 13, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH