67 matches found
K37661551: Unbound DNS Cache vulnerabilities CVE-2020-12662 and CVE-2020-12663
Security Advisory Description CVE-2020-12662 Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. CVE-2020-12663 Unbound before 1.10.1 has an infinite loop via malformed DNS answer...
SUSE CVE-2020-12663
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers...
CVE-2020-12663 affecting package unbound for versions less than 1.10.0-5
CVE-2020-12663 affecting package unbound for versions less than 1.10.0-5. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2020-0224)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : unbound Multiple Vulnerabilities (NS-SA-2021-0142)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has unbound packages installed that are affected by multiple vulnerabilities: - An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions ...
EulerOS Virtualization 3.0.2.2 : unbound (EulerOS-SA-2021-2172)
According to the versions of the unbound package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local...
SUSE: Security Advisory (SUSE-SU-2020:1772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1819-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2556-1 : unbound1.9 security update
Several security vulnerabilities have been corrected in unbound, a validating, recursive, caching DNS resolver. Support for the unbound DNS server has been resumed, the sources can be found in the unbound1.9 source package. CVE-2020-12662 Unbound has Insufficient Control of Network Message Volume...
Debian: Security Advisory (DLA-2556-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2556-1] unbound1.9 security update
Debian LTS Advisory DLA-2556-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 12, 2021 https://wiki.debian.org/LTS Package : unbound1.9 Version : 1.9.0-2+deb10u2deb9u1 CVE ID : CVE-2020-12662 CVE-2020-12663 CVE-2020-28935 Debian Bug : 977165 Several...
pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities
According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.5-p1. It is, therefore, affected by the following vulnerabilities in its subcomponents: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue...
CentOS 8 : unbound (CESA-2020:2416)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2416 advisory. - unbound: amplification of an incoming query into a large number of queries directed to a target CVE-2020-12662 - unbound: infinite loop via malformed...
CVE-2020-12663 affecting package unbound 1.10.0-5
CVE-2020-12663 affecting package unbound 1.10.0-5. A patched version of the package is available...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-2454)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-2403)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: unbound security update
An update for unbound is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 7 : unbound (RHSA-2020:4181)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4181 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: amplification of an...
EulerOS 2.0 SP3 : unbound (EulerOS-SA-2020-2058)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted...
EulerOS Virtualization for ARM 64 3.0.2.0 : unbound (EulerOS-SA-2020-1971)
According to the versions of the unbound package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers ar...