Showing 1 - 4 of 4

CVE-2014-8602

Status Candidate

Overview

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.

Related Files

Red Hat Security Advisory 2015-2455-01: Posted Nov 20, 2015; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2015-2455-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources. Prior to this update, there was a mistake in the time configuration in the cron job invoking unbound-anchor to update the root zone key. Consequently, unbound-anchor was invoked once a month instead of every day, thus not complying with RFC 5011. The cron job has been replaced with a systemd timer unit that is invoked on a daily basis. Now, the root zone key validity is checked daily at a random time within a 24-hour window, and compliance with RFC 5011 is ensured.; tags | advisory, denial of service, root; systems | linux, redhat; advisories | CVE-2014-8602; SHA-256 | 80eec6ea3b08ffaf69bd8e7af8262477749a554f359c9fa6654843dacb0da7b6; Download | Favorite | View

Ubuntu Security Notice USN-2484-1: Posted Jan 26, 2015; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2484-1 - Florian Maury discovered that Unbound incorrectly handled delegation. A remote attacker could possibly use this issue to cause Unbound to consume resources, resulting in a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2014-8602; SHA-256 | 1f1358b068f4b7ce6d921a42c6f56eda2a026fda08a10966cb11f7d0c8c0c9f0; Download | Favorite | View

FreeBSD Security Advisory - unbound Denial Of Service: Posted Dec 17, 2014; Authored by Florian Maury | Site security.freebsd.org; FreeBSD Security Advisory - By causing queries to be made against a maliciously-constructed zone or against a malicious DNS server, an attacker who is able to cause specific queries to be sent to a nameserver can trick unbound(8) resolver into following an endless series of delegations, which consumes a lot of resources.; tags | advisory; systems | freebsd; advisories | CVE-2014-8602; SHA-256 | 7325ed64b2652e63c948472623f25b89e0c8ea7a43bf475eb776a142e8481671; Download | Favorite | View

Debian Security Advisory 3097-1: Posted Dec 11, 2014; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3097-1 - Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit (or make emit) queries to the server can trick the resolver into following an endless series of delegations, leading to resource exhaustion and huge network usage.; tags | advisory, denial of service; systems | linux, debian; advisories | CVE-2014-8602; SHA-256 | f29252d59d1726b09a850b5b3c121de1a09c064b5ff9e828dbac66759c64b0bb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2014-8602

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems