Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1922

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1922
Last Modified 15 Jun 2011 10:56:25
Published 31 May 2011 04:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1922

Summary

daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.

Vulnerable Systems

Application

  • Nlnetlabs Unbound 1.0.0

  • Nlnetlabs Unbound 1.0.1

  • Nlnetlabs Unbound 1.0.2

  • Nlnetlabs Unbound 1.1.0

  • Nlnetlabs Unbound 1.1.1

  • Nlnetlabs Unbound 1.2.0

  • Nlnetlabs Unbound 1.2.1

  • Nlnetlabs Unbound 1.3.0

  • Nlnetlabs Unbound 1.3.1

  • Nlnetlabs Unbound 1.3.2

  • Nlnetlabs Unbound 1.3.3

  • Nlnetlabs Unbound 1.3.4

  • Nlnetlabs Unbound 1.4.0

  • Nlnetlabs Unbound 1.4.1

  • Nlnetlabs Unbound 1.4.2

  • Nlnetlabs Unbound 1.4.3

  • Nlnetlabs Unbound 1.4.4

  • Nlnetlabs Unbound 1.4.5

  • Nlnetlabs Unbound 1.4.6

  • Nlnetlabs Unbound 1.4.7

  • Nlnetlabs Unbound 1.4.8

  • Nlnetlabs Unbound 1.4.9


References

CERT-VN - VU#531342

CONFIRM - http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt

XF - unbound-dns-dos(67645)

BID - 47986

SECUNIA - 44865

OSVDB - 72750

FEDORA - FEDORA-2011-7555


Last Updated: 27 May 2016 10:56:52