Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-15105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prov...

5.3CVSS6AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 7 : unbound (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unbound: command injection with data coming from a specially crafted IPSECKEY answer CVE-2019-18934 - A...

7.3CVSS7.2AI score0.03212EPSS
Exploits1References3
Rosalinux
Rosalinux
added 2021/07/02 6:18 p.m.44 views

Advisory ROSA-SA-2021-1990

Software: unbound 1.6.6 OS: Cobalt 7.9 CVE-ID: CVE-2017-15105 CVE-Crit: MEDIUM CVE-DESC: An error was found in the method of unbound to 1.6.8 verified NSEC records synthesized using wildcards. An improperly checked wildcard NSEC record may be used to prove the absence NXDOMAIN response of an...

7.5CVSS7.1AI score0.03506EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.44 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1482)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.32 views

EulerOS Virtualization for ARM 64 3.0.2.0 : unbound (EulerOS-SA-2020-1264)

According to the version of the unbound package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A flaw was found in the way unbound validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC...

5.3CVSS6.1AI score0.0263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1264)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2019-2676)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2019-2488)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2019-2341)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2019-2194)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.31 views

EulerOS 2.0 SP3 : unbound (EulerOS-SA-2019-2676)

According to the version of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could b...

5.3CVSS6.2AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.24 views

EulerOS 2.0 SP5 : unbound (EulerOS-SA-2019-2194)

According to the version of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could b...

5.3CVSS6.2AI score0.0263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/06/09 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-3673-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/02/07 12:0 a.m.21 views

Fedora 26 : unbound (2018-a10a19e06a)

Security fix for CVE-2017-15105 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.3CVSS6.3AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/31 12:0 a.m.24 views

Fedora 27 : unbound (2018-69316c5b7a)

Security fix for CVE-2017-15105 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.3CVSS6.3AI score0.0263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/31 12:0 a.m.34 views

Debian DLA-1264-1 : unbound security update

Ralph Dolmans and Karst Koymans found a flaw in the way unbound validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence NXDOMAIN answer of an existing wildcard record, or trick unbound into accepting a NODATA proof. For mo...

5.3CVSS6.3AI score0.0263EPSS
Exploits0References4
Debian
Debian
added 2018/01/30 4:42 p.m.25 views

[SECURITY] [DLA 1264-1] unbound security update

Package : unbound Version : 1.4.17-3+deb7u3 CVE ID : CVE-2017-15105 Debian Bug : 887733 Ralph Dolmans and Karst Koymans found a flaw in the way unbound validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence NXDOMAIN answe...

5.3CVSS5.9AI score0.0263EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/01/26 12:0 a.m.52 views

Unbound < 1.6.8 Wildcard Synthesized NSEC Records Handling Remote Validation Weakness

According to its self-reported version number, the remote Unbound DNS resolver is affected by a validation weakness when handling wildcard synthesized NSEC records. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid106384; scriptversion"1.5"; scriptcvsdate"Date:...

5.3CVSS6.3AI score0.0263EPSS
Exploits0References3
CVE
CVE
added 2018/01/23 4:0 p.m.170 views

CVE-2017-15105

CVE-2017-15105 affects unbound prior to version 1.6.8. The vulnerability arises from improper validation of wildcard-synthesized NSEC records, enabling an attacker to prove the non-existence (NXDOMAIN) of an existing wildcard record or to trick Unbound into accepting a NODATA proof. The connected...

5.3CVSS5.2AI score0.0263EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2018/01/22 9:2 p.m.6 views

MGASA-2018-0091 Updated unbound packages fix security vulnerability

Updated unbound packages to fix security vulnerability CVE-2017-15105 in the processing of wildcard synthesized NSEC records. While synthesis of NSEC records is allowed by RFC4592, these synthesized owner names should not be used in the NSEC processing. This was, however, happenning in Unbound...

5.3CVSS5.6AI score0.0263EPSS
Exploits0References2
Rows per page
Query Builder