CVSS3: 7.3 High

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | LOW |
Integrity Impact | LOW |
Availability Impact | LOW |

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS2: 6.8 Medium

Metric | Value |
---|---|
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

libunbound.so is vulnerable to shell code execution. The attack is possible due to improper handling of a malicious IPSECKEY answer in the ipsec module. The vulnerability can only be triggered when all of the following conditions are met:

1) the library was compiled with `--enable-ipsecmod` support, and `ipsecmod` is enabled and used in the configuration (either in the configuration file or using `unbound-control`), and
2) a domain is part of the ipsecmod-whitelist (if ipsecmod-whitelist is used), and
3) the resolver receives an A/AAAA query for a domain that has A/AAAA record(s) and IPSECKEY record(s) available.

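The configuration-side conditions (1 and 2) can be checked against the text of an unbound.conf. The following is an added example, not code from this advisory or from NLnet Labs. It assumes the standard unbound.conf options `module-config` and `ipsecmod-enabled` (not named on this page), treats a whitelist entry as covering the domain and its subdomains, does not follow `include:` files, and cannot see the compile-time flag or changes made at runtime with `unbound-control`.

```python
import re

# Constructed sample configuration (paths and domains are illustrative only).
SAMPLE_CONF = '''
server:
    module-config: "ipsecmod validator iterator"
    ipsecmod-enabled: yes   # this is also the default
    ipsecmod-hook: "/usr/local/libexec/ipsec-hook.sh"
    ipsecmod-whitelist: "example.com"
    ipsecmod-whitelist: "example.net."
'''

def parse_options(conf_text):
    """Collect 'name: value' options; repeated options keep every value in order."""
    opts = {}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        m = re.match(r"([a-z0-9-]+):\s*(.*)$", line)
        if m and m.group(2):                         # skip clause headers like 'server:'
            opts.setdefault(m.group(1), []).append(m.group(2).strip().strip("\"'"))
    return opts

def ipsecmod_exposure(conf_text, qname=None):
    """Evaluate conditions 1 (config part) and 2 of the advisory for one config."""
    opts = parse_options(conf_text)
    # For single-valued options the last occurrence is taken as effective.
    modules = opts.get("module-config", [""])[-1].split()
    enabled = opts.get("ipsecmod-enabled", ["yes"])[-1].lower() == "yes"
    whitelist = [d.lower().rstrip(".") for d in opts.get("ipsecmod-whitelist", [])]
    result = {
        "module_active": "ipsecmod" in modules and enabled,
        "whitelist": whitelist,
        "domain_in_scope": None,
    }
    if qname is not None:
        q = qname.lower().rstrip(".")
        # No whitelist means every domain is processed by the module.
        covered = not whitelist or any(
            d == "" or q == d or q.endswith("." + d) for d in whitelist
        )
        result["domain_in_scope"] = result["module_active"] and covered
    return result

if __name__ == "__main__":
    for name in ("vpn.example.com", "example.org"):
        print(name, ipsecmod_exposure(SAMPLE_CONF, name))
```

A result of `module_active: False` only clears the configuration file as read; the running daemon's state still has to be confirmed separately.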
CPE

Name | Operator | Version |
---|---|---|
libunbound.so | eq | 2.5.11 |

lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html
lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html
www.openwall.com/lists/oss-security/2019/11/19/1
github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog
lists.fedoraproject.org/archives/list/[email protected]/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/
www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt
www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/