fkie_cve-2011-1922
Vulnerability from fkie_nvd
Published
2011-05-31 20:55
Modified
2024-11-21 01:27
Severity ?
Summary
daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html
secalert@redhat.comhttp://osvdb.org/72750
secalert@redhat.comhttp://secunia.com/advisories/44865
secalert@redhat.comhttp://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txtPatch, Vendor Advisory
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/531342Patch, US Government Resource
secalert@redhat.comhttp://www.securityfocus.com/bid/47986
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/67645
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/72750
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44865
af854a3a-2127-422b-91ae-364da2661108http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/531342Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/47986
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/67645
Impacted products
Vendor Product Version
nlnetlabs unbound 1.0.0
nlnetlabs unbound 1.0.1
nlnetlabs unbound 1.0.2
nlnetlabs unbound 1.1.0
nlnetlabs unbound 1.1.1
nlnetlabs unbound 1.2.0
nlnetlabs unbound 1.2.1
nlnetlabs unbound 1.3.0
nlnetlabs unbound 1.3.1
nlnetlabs unbound 1.3.2
nlnetlabs unbound 1.3.3
nlnetlabs unbound 1.3.4
nlnetlabs unbound 1.4.0
nlnetlabs unbound 1.4.1
nlnetlabs unbound 1.4.2
nlnetlabs unbound 1.4.3
nlnetlabs unbound 1.4.4
nlnetlabs unbound 1.4.5
nlnetlabs unbound 1.4.6
nlnetlabs unbound 1.4.7
nlnetlabs unbound 1.4.8
nlnetlabs unbound 1.4.9


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2F7047-5435-4616-8357-B72BB3F9A600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05137329-C056-4E1E-811E-0AF2899E9EE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "850E4420-3B05-4F99-A4C6-AD22E127E7DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A23044-AB7D-4303-804B-11ADC8CF4CD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9DFA469-124B-4F6A-9D86-2B615CC1F5B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D463CB7-2B65-4A4D-8AC2-35F6C51CAC3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7701F4B-6FF1-463E-BF6D-6B7EA96DB192",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "661E72ED-666D-4532-B503-683E2C84686F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF5BCB9-1950-4099-8E08-5D1CBF6749FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04981A8D-F3F8-4D83-818B-775E8FE9CE77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AFAA6EC-C28C-4400-9979-0BF9FE3316EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEECDCF7-4E80-407E-80DA-E8DC3AE49B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3240CB4-DB33-4349-88A5-A6AE32F146A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6C947E1-5EC3-4207-9D05-6F09A0587DF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA988145-4527-492A-BD2D-0421C562FB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C922CA6-3411-4E42-A92E-1F579F3F4DE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D093B7CC-8816-477B-9336-81CE2BDD11E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA5C9E6-E0D2-4C7D-ACEA-69967D8D08CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4E3CB88-F651-4BB5-BB76-A2621AAF678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E69371BD-A296-4097-9537-8CF12F6A6A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D5F8FB-650F-485F-A471-E2F625317CAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:unbound:1.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA95DEC2-E47D-4B05-9F69-F1EAFBB11F68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling."
    },
    {
      "lang": "es",
      "value": "daemon/worker.c de Unbound 1.x anteriores a 1.4.10, cuando la funcionalidad de depuraci\u00f3n de errores (\"debugging\") y la opci\u00f3n de \"interface-automatic\" est\u00e1n activadas, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo en aserci\u00f3n y finalizaci\u00f3n del demonio) a trav\u00e9s de una petici\u00f3n DNS modificada que provoca un manejo de error incorrecto."
    }
  ],
  "id": "CVE-2011-1922",
  "lastModified": "2024-11-21T01:27:18.937",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-31T20:55:03.530",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/72750"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44865"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/531342"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/47986"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/72750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44865"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/531342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67645"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.