USN-8449-1 ldns vulnerability

Pablo Ruiz discovered that ldns did not properly validate DNS responses when used as a stub resolver over UDP. A remote attacker could possibly use this issue to inject arbitrary DNS responses...

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error due to the improper matching of the query destination address and port with the response source address and port when Idns is used in applications as stub resolver over UDP. Remediation A fix was pushed into the...

CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

Advisory ROSA-SA-2024-2476

software: ldns 1.8.3 OS: ROSA-CHROME packageevrstring: ldns-1.8.3-1 CVE-ID: CVE-2020-19861 BDU-ID: 2022-05917 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the ldnsnsec3saltdata function of the DNS LDNS library is related to reading outside the allowed data buffer boundaries. Exploitation of the...

SUSE CVE-2009-1086

Heap-based buffer overflow in the ldnsrrnewfrmstrinternal function in ldns 1.4.x allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code via a DNS resource record RR with a long 1 class field clas variable and possibly 2 TTL field...

SUSE CVE-2017-1000232

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors...

USN-5257-2: ldns vulnerabilities

USN-5257-1 fixed several vulnerabilities in ldns. This update provides the corresponding update for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. Original advisory details: It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...

USN-5257-1: ldns vulnerabilities

It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2020-19860, CVE-2020-19861...

[SECURITY] Fedora 35 Update: ldns-1.8.1-3.fc35

ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to for instance create or sign packets...

Debian DLA-1182-1 : ldns security update

A security vulnerability has been discovered in ldns, a library and collection of utilities for DNS programming. CVE-2017-1000231 The generic parser contained a double-free vulnerability which resulted in an application crash with unspecified impacts and attack vectors. For Debian 7 'Wheezy', the...

AZL-10412 CVE-2017-1000231 affecting package ldns for versions less than 1.7.0-32

A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...

ldns double release vulnerability

ldns is an open source library that provides DNS resolution , you can implement a variety of DNS server or client functions . A double release vulnerability exists in parse.c in ldns 1.7.0. An attacker can exploit this vulnerability to cause a denial of service...

ldns double release vulnerability (CNVD-2017-37283)

ldns is an open source library that provides DNS resolution , you can implement a variety of DNS server or client functions . A double release vulnerability exists in str2host.c in ldns 1.7.0. An attacker can exploit this vulnerability to cause a denial of service...

PT-2017-4266 · Nlnet +3 · Ldns +3

Name of the Vulnerable Software and Affected Versions: ldns version 1.7.0 Description: The issue is related to a double-free vulnerability in the str2host.c component of the ldns library, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause...

UBUNTU-CVE-2017-1000231

A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...

Vulnerabilities of the Debian GNU/Linux operating system, which allow a remote attacker to compromise the integrity and accessibility of protected information

The multiple vulnerabilities in the libldns-dev package of the Debian GNU/Linux operating system may lead to a violation of the integrity and accessibility of protected information. These vulnerabilities can be exploited remotely...

Fedora Update for ldns FEDORA-2011-13915

Check for the Version of ldns OpenVAS Vulnerability Test Fedora Update for ldns FEDORA-2011-13915 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for ldns FEDORA-2011-13929

Check for the Version of ldns OpenVAS Vulnerability Test Fedora Update for ldns FEDORA-2011-13929 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

[SECURITY] Fedora 14 Update: ldns-1.6.11-2.fc14

ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to for instance create or sign packets...

[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1795 [email protected] http://www.debian.org/security/ Devin Carraway May 07, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------...