24 matches found
MiracleLinux 7 : unbound-1.4.20-26.el7 (AXSA:2015-838:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-838:01 advisory. Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ide...
K15931: Unbound vulnerability CVE-2014-8602
Security Advisory Description iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals. CVE-2014-8602 Impact An attacker with a properly...
CentOS 7 : unbound (CESA-2015:2455)
Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle: Security Advisory (ELSA-2015-2455)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : unbound (ELSA-2015-2455)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2455 advisory. - Fix CVE-2014-8602 1253961 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
unbound security and bug fix update
1.4.20-26 - Added Conficts on redhat-release packages without unbound-anchor.timer in presets Related 1215645 1.4.20-25 - Resolve ordering loop with nss-lookup.target and ntpdate 1259806 1.4.20-24 - Fix CVE-2014-8602 1253961 1.4.20-23 - Removed usage of DLV from the default configuration 1223339...
RedHat Update for unbound RHSA-2015:2455-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : unbound (RHSA-2015:2455)
Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Low: Red Hat Security Advisory: unbound security and bug fix update
Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
F5 BIG-IP - Unbound vulnerability CVE-2014-8602
F5 BIG-IP is prone to a remote denial-of-service vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip";...
Fedora Update for unbound FEDORA-2014-16647
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : unbound (openSUSE-SU-2014:1688-1)
This unbound update fixes the following secuirty issue. - boo908990: following endless delegations CVE-2014-8602 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-800. The text...
SOL15931 - Unbound vulnerability CVE-2014-8602
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
Fedora 21 : unbound-1.5.1-2.fc21 (2014-16647)
Security fix for CVE-2014-8602 new release fix build on aarch64 new upstream version Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 20 : unbound-1.5.1-2.fc20 (2014-16671)
Security fix for CVE-2014-8602 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Debian DSA-3097-1 : unbound - security update
Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit or make emit queries to the server can trick the resolver into following an endless series of...
[SECURITY] [DLA 107-1] unbound security update
Package : unbound Version : 1.4.6-1+squeeze4 CVE ID : CVE-2014-8602 Debian Bug : 772622 Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit or ma...
CVE-2014-8602
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals...
CVE-2014-8602
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals...
CVE-2014-8602
CVE-2014-8602 affects NLnet Labs Unbound prior to 1.5.1. The vulnerability stems from iterator.c not limiting delegation chaining, allowing remote attackers to trigger an endless sequence of referrals and cause memory and CPU exhaustion (DoS). Multiple connected advisories confirm impact and prov...