5

CVE-2011-4528

Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
UnboundUnbound Version <= 1.4.13
UnboundUnbound Version0.0
UnboundUnbound Version0.1
UnboundUnbound Version0.2
UnboundUnbound Version0.3
UnboundUnbound Version0.4
UnboundUnbound Version0.5
UnboundUnbound Version0.6
UnboundUnbound Version0.7
UnboundUnbound Version0.7.1
UnboundUnbound Version0.7.2
UnboundUnbound Version0.8
UnboundUnbound Version0.09
UnboundUnbound Version0.10
UnboundUnbound Version0.11
UnboundUnbound Version1.0.0
UnboundUnbound Version1.0.1
UnboundUnbound Version1.0.2
UnboundUnbound Version1.1.0
UnboundUnbound Version1.1.1
UnboundUnbound Version1.2.0
UnboundUnbound Version1.2.1
UnboundUnbound Version1.3.0
UnboundUnbound Version1.3.1
UnboundUnbound Version1.3.2
UnboundUnbound Version1.3.3
UnboundUnbound Version1.3.4
UnboundUnbound Version1.4.0
UnboundUnbound Version1.4.1
UnboundUnbound Version1.4.2
UnboundUnbound Version1.4.3
UnboundUnbound Version1.4.4
UnboundUnbound Version1.4.5
UnboundUnbound Version1.4.6
UnboundUnbound Version1.4.7
UnboundUnbound Version1.4.8
UnboundUnbound Version1.4.9
UnboundUnbound Version1.4.10
UnboundUnbound Version1.4.11
UnboundUnbound Version1.4.12
UnboundUnbound Version1.4.14 Updaterc1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.94% 0.853
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071525.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071535.html
http://osvdb.org/77909
http://secunia.com/advisories/47326
http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt
Patch
Vendor Advisory
http://www.debian.org/security/2011/dsa-2370
http://www.kb.cert.org/vuls/id/209659
Patch
Third Party Advisory
US Government Resource