The vulnerability of NSD and Unbound DNS servers lies in the improper handling of symbolic links before accessing a file. This allows attackers to cause service failures.

The vulnerability of NSD and Unbound DNS servers is related to the incorrect handling of symbolic links before accessing a file. Exploiting this vulnerability allows an attacker to cause service failures...

Local symlink attack in Unbound and NSD

...

Unbound Backlink Vulnerability

Unbound is a DNS resolver from the NLnet Labs Nlnet Labs Foundation in the Netherlands that supports verified recursion and caching. A security vulnerability exists in NLnet Labs Unbound version 1.12.0 and earlier and NLnet Labs NSD version 4.3.3 and earlier that allows a local symbolic link...

FreeBSD Denial of Service Vulnerability (CNVD-2019-40092)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation.NSD is one of the name server daemons. A denial of service vulnerability exists in FreeBSD NSD versions prior to 3.2.13, which can be exploited by remote attackers to cause a denial of service crash...

DEBIAN-CVE-2016-6173

NSD before 4.1.11 allows remote DNS master servers to cause a denial of service /tmp disk consumption and slave server crash via a zone transfer with unlimited data...

NSD (Name Server Daemon) < 4.1.11 AXFR Response DoS Vulnerability

NSD Name Server Daemon is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

NSD (Name Server Daemon) 'packet.c' Off-By-One Buffer Overflow Vulnerability

NSD Name Server Daemon is prone to an off-by-one buffer overflow vulnerability because the server fails to perform adequate boundary checks on user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Name Server Daemon (NSD) Detection (DNS)

DNS TCP and UDP based detection of the Name Server Daemon NSD. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NSD version Directive Remote Version Disclosure

The remote host is running Name Server Daemon NSD, an open source DNS server. It is possible to extract the version number of the remote installation by sending a special DNS request for the text 'version.bind' in the domain 'chaos'. C Tenable Network Security, Inc. include"compat.inc"; if...