CVE Vulnerabilities

CVE-2011-1922

Published: May 31, 2011 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.

Affected Software

Name Vendor Start Version End Version
Unbound Nlnetlabs 1.0.0 (including) 1.0.0 (including)
Unbound Nlnetlabs 1.0.1 (including) 1.0.1 (including)
Unbound Nlnetlabs 1.0.2 (including) 1.0.2 (including)
Unbound Nlnetlabs 1.1.0 (including) 1.1.0 (including)
Unbound Nlnetlabs 1.1.1 (including) 1.1.1 (including)
Unbound Nlnetlabs 1.2.0 (including) 1.2.0 (including)
Unbound Nlnetlabs 1.2.1 (including) 1.2.1 (including)
Unbound Nlnetlabs 1.3.0 (including) 1.3.0 (including)
Unbound Nlnetlabs 1.3.1 (including) 1.3.1 (including)
Unbound Nlnetlabs 1.3.2 (including) 1.3.2 (including)
Unbound Nlnetlabs 1.3.3 (including) 1.3.3 (including)
Unbound Nlnetlabs 1.3.4 (including) 1.3.4 (including)
Unbound Nlnetlabs 1.4.0 (including) 1.4.0 (including)
Unbound Nlnetlabs 1.4.1 (including) 1.4.1 (including)
Unbound Nlnetlabs 1.4.2 (including) 1.4.2 (including)
Unbound Nlnetlabs 1.4.3 (including) 1.4.3 (including)
Unbound Nlnetlabs 1.4.4 (including) 1.4.4 (including)
Unbound Nlnetlabs 1.4.5 (including) 1.4.5 (including)
Unbound Nlnetlabs 1.4.6 (including) 1.4.6 (including)
Unbound Nlnetlabs 1.4.7 (including) 1.4.7 (including)
Unbound Nlnetlabs 1.4.8 (including) 1.4.8 (including)
Unbound Nlnetlabs 1.4.9 (including) 1.4.9 (including)
Unbound Ubuntu lucid *
Unbound Ubuntu maverick *
Unbound Ubuntu natty *
Unbound Ubuntu upstream *

References