CVE-2011-4869

EUVD-2011-4786
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
unboundunbound
𝑥
≤ 1.4.12
unboundunbound
0.0
unboundunbound
0.1
unboundunbound
0.2
unboundunbound
0.3
unboundunbound
0.4
unboundunbound
0.5
unboundunbound
0.6
unboundunbound
0.7
unboundunbound
0.7.1
unboundunbound
0.7.2
unboundunbound
0.8
unboundunbound
0.09
unboundunbound
0.10
unboundunbound
0.11
unboundunbound
1.0.0
unboundunbound
1.0.1
unboundunbound
1.0.2
unboundunbound
1.1.0
unboundunbound
1.1.1
unboundunbound
1.2.0
unboundunbound
1.2.1
unboundunbound
1.3.0
unboundunbound
1.3.1
unboundunbound
1.3.2
unboundunbound
1.3.3
unboundunbound
1.3.4
unboundunbound
1.4.0
unboundunbound
1.4.1
unboundunbound
1.4.2
unboundunbound
1.4.3
unboundunbound
1.4.4
unboundunbound
1.4.5
unboundunbound
1.4.6
unboundunbound
1.4.7
unboundunbound
1.4.8
unboundunbound
1.4.9
unboundunbound
1.4.10
unboundunbound
1.4.11
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
unbound
bookworm
1.17.1-2+deb12u2
fixed
bookworm (security)
1.17.1-2+deb12u2
fixed
bullseye
1.13.1-1+deb11u2
fixed
bullseye (security)
1.13.1-1+deb11u3
fixed
sid
1.22.0-1
fixed
trixie
1.22.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
unbound
hardy
dne
lucid
Fixed 1.4.1-2ubuntu0.2
released
maverick
Fixed 1.4.5-1ubuntu1.2
released
natty
Fixed 1.4.9-0ubuntu1.2
released
oneiric
Fixed 1.4.12-1ubuntu1
released
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071525.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071535.html
http://osvdb.org/77910
http://secunia.com/advisories/47326
http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt
http://www.debian.org/security/2011/dsa-2370
http://www.kb.cert.org/vuls/id/209659
https://exchange.xforce.ibmcloud.com/vulnerabilities/71868
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071525.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071535.html
http://osvdb.org/77910
http://secunia.com/advisories/47326
http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt
http://www.debian.org/security/2011/dsa-2370
http://www.kb.cert.org/vuls/id/209659
https://exchange.xforce.ibmcloud.com/vulnerabilities/71868