Veracode Vulnerability Database: VERACODE:21987
History: Nov 20, 2019 - 2:52 a.m.

Shell Code Execution

2019-11-20 02:52:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
CVSS3: 7.3 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS2: 6.8 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

libunbound.so is vulnerable to shell code execution. The attack is possible due to improper handling of a malicious IPSECKEY answer in the ipsec. The vulnerability can only be triggered when all of the following conditions are met:
1) the library is compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the configuration (either in the configuration file or using unbound-control), and
2) a domain is part of the ipsecmod-whitelist (if ipsecmod-whitelist is used), and
3) an A/AAAA query is received for a domain that has A/AAAA record(s) and IPSECKEY record(s) available.

CPE Name         Operator   Version
libunbound.so    eq         2.5.11
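
A configuration-side check for conditions 1 and 2 above, as an added example that is not part of the Veracode entry or the Unbound project's code. It reads a single unbound.conf text (no include: handling) and uses a constructed sample config; it cannot see the compile-time --enable-ipsecmod flag or changes made at runtime through unbound-control, and the function names are hypothetical.

```python
import re

# Constructed sample unbound.conf fragment (not taken from the advisory).
SAMPLE_CONF = '''
server:
    module-config: "ipsecmod validator iterator"
    ipsecmod-enabled: yes
    ipsecmod-hook: "/usr/local/libexec/ipsec-hook.sh"   # hypothetical path
    ipsecmod-whitelist: "vpn.example.com"
    ipsecmod-whitelist: "gw.example.net"
'''

OPTION = re.compile(r'^\s*([A-Za-z0-9-]+):\s*(.*?)\s*$')

def parse_options(conf_text):
    """Return {option: [values]} for one unbound.conf text."""
    opts = {}
    for raw in conf_text.splitlines():
        line = raw.split('#', 1)[0]          # drop trailing comments
        m = OPTION.match(line)
        if not m or not m.group(2):          # blanks and clause headers ("server:")
            continue
        opts.setdefault(m.group(1).lower(), []).append(m.group(2).strip('"\''))
    return opts

def ipsecmod_exposure(conf_text):
    """Evaluate conditions 1 (config part) and 2 of the advisory."""
    opts = parse_options(conf_text)
    # Condition 1: ipsecmod must be listed in module-config ...
    loaded = 'ipsecmod' in opts.get('module-config', [''])[-1].split()
    # ... and not switched off; ipsecmod-enabled defaults to yes.
    enabled = opts.get('ipsecmod-enabled', ['yes'])[-1].lower() != 'no'
    whitelist = opts.get('ipsecmod-whitelist', [])
    active = loaded and enabled
    return {
        'ipsecmod_active': active,
        'whitelist': whitelist,
        # Condition 2: without a whitelist, every queried domain is in scope.
        'domains_in_scope': (whitelist or ['*']) if active else [],
    }

if __name__ == '__main__':
    print(ipsecmod_exposure(SAMPLE_CONF))
```

A result with `ipsecmod_active` set to true on a host running the affected libunbound.so version means condition 3 is the only remaining precondition, so that host should be prioritised for upgrade or have ipsecmod removed from module-config.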
