Ubuntu 18.04 LTS / 20.04 LTS : Unbound vulnerabilities (USN-4938-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4938-1 advisory. It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of...

CVE-2019-25031

Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contributed script from the...

UBUNTU-CVE-2019-25031

Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contributed script from the...

PT-2019-6283 · Nlnet +5 · Unbound +5

Name of the Vulnerable Software and Affected Versions: Unbound versions prior to 1.9.5 Description: The issue is related to insufficient neutralization of special elements in a request, which can be exploited by a remote attacker to impact data integrity. This can occur upon a successful...