Vulnerabilities > CVE-2011-4528 - Resource Management Errors vulnerability in Unbound
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response. Per: http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt "1.4.14 is released with the patch, but 1.4.14rc1 is vulnerable. http://www.unbound.net/downloads/unbound-1.4.14.tar.gz"
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2011-17337.NASL description Security update for CVE-2011-4528 / VU#209659 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 57422 published 2012-01-03 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57422 title Fedora 15 : unbound-1.4.14-1.fc15 (2011-17337) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_7BA65BFD2A4011E1B96E00215AF774F0.NASL description Unbound developer reports : Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed. Unbound also crashes when confronted with a query that eventually, and under specific circumstances, resolves to a domain that misses expected NSEC3 records. last seen 2020-06-01 modified 2020-06-02 plugin id 57338 published 2011-12-20 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57338 title FreeBSD : unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence (7ba65bfd-2a40-11e1-b96e-00215af774f0) NASL family Fedora Local Security Checks NASL id FEDORA_2011-17282.NASL description Security update for CVE-2011-4528 / VU#209659 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 57421 published 2012-01-03 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57421 title Fedora 16 : unbound-1.4.14-1.fc16 (2011-17282) NASL family DNS NASL id UNBOUND_1_4_14.NASL description According to its self-reported version number, the remote Unbound DNS resolver is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists due to an attempt to free unallocated memory during the processing of duplicate CNAME records in a signed zone. An attacker can exploit this, via a specially crafted response, to cause a daemon crash, resulting in a denial of service condition. (CVE-2011-4528) - A denial of service vulnerability exists due to improper proof processing for NSEC3-signed zones. An attacker can exploit this, via a malformed response that lacks expected NSEC3 records, to cause a daemon crash, resulting in a denial of service condition. (CVE-2011-4869) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 57574 published 2012-01-17 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57574 title Unbound < 1.4.14 / 1.4.13p2 Multiple DoS NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2370.NASL description It was discovered that Unbound, a recursive DNS resolver, would crash when processing certain malformed DNS responses from authoritative DNS servers, leading to denial of service. - CVE-2011-4528 Unbound attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone. - CVE-2011-4869 Unbound does not properly process malformed responses which lack expected NSEC3 records. last seen 2020-03-17 modified 2012-01-12 plugin id 57510 published 2012-01-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57510 title Debian DSA-2370-1 : unbound - several vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201311-18.NASL description The remote host is affected by the vulnerability described in GLSA-201311-18 (Unbound: Denial of Service) Multiple vulnerabilities have been discovered in Unbound. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Service condition via a specially crafted response. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 71120 published 2013-11-29 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/71120 title GLSA-201311-18 : Unbound: Denial of Service
References
- http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071525.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071535.html
- http://osvdb.org/77909
- http://secunia.com/advisories/47326
- http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt
- http://www.debian.org/security/2011/dsa-2370
- http://www.kb.cert.org/vuls/id/209659