Vulnerability CVE-2019-16866


Published: 2019-10-03

Description:
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Canonical
Product: Ubuntu linux 
Version: 19.04;
Vendor: Nlnetlabs
Product: Unbound 
Version:
1.9.3
1.9.2
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.3
1.7.2
1.7.1
1.7.0
1.6.8
1.6.7
1.6.6
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.9
1.5.8
1.5.7
1.5.6rc1
1.5.6
1.5.5
1.5.4
1.5.3
1.5.2
1.5.10
1.5.1
1.5.0
1.4.9
1.4.8
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.22
1.4.21
1.4.20
1.4.2
1.4.19
1.4.18
1.4.17
1.4.16
1.4.15
1.4.14
1.4.13
1.4.11
1.4.10
1.4.1
1.4.0
1.3.4
1.3.3
1.3.2
1.3.1
1.3.0
1.2.1
1.2.0
1.1.1
1.1.0
1.0.2
1.0.1
1.0.0
0.9
0.8
0.7.2
0.7.1
0.7
0.6
0.5
0.4
0.3
0.2
0.11
0.10
0.0

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
https://github.com/NLnetLabs/unbound/blob/release-1.9.4/doc/Changelog
https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt
https://usn.ubuntu.com/4149-1/
https://www.debian.org/security/2019/dsa-4544

Related CVE
CVE-2019-13207
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
CVE-2017-15105
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound int...
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
CVE-2016-6173
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
CVE-2014-8602
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
CVE-2014-3209
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
CVE-2012-2978
query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.

Copyright 2019, cxsecurity.com

 

Back to Top