ID CVE-2014-8602
Summary iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
References
Vulnerable Configurations
  • cpe:2.3:a:nlnetlabs:unbound:-:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:-:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.0:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.9:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.10:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:0.11:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.2.1:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.2.1:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.2.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.2.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.1:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.1:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.0:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.4:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.4:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.5:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.5:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.6:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.6:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.6:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.6:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.7:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.7:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.7:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.7:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.8:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.8:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.8:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.8:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.9:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.9:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.9:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.9:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.10:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.11:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.11:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.11:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.11:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.11:rc2:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.11:rc2:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.11:rc3:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.11:rc3:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.13:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.13:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.13:p2:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.13:p2:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.13:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.13:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.13:rc2:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.13:rc2:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.14:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.14:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.14:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.14:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.15:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.15:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.15:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.15:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.16:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.16:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.17:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.17:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.18:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.18:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.18:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.18:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.18:rc2:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.18:rc2:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.19:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.19:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.19:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.19:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.20:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.20:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.20:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.20:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.21:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.21:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.21:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.21:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.22:-:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.22:-:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.4.22:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.4.22:rc1:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nlnetlabs:unbound:1.5.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:nlnetlabs:unbound:1.5.0:rc1:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 28-11-2016 - 19:13)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 1180995
title unbound is installing files under /etc/tmpfiles.d/
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment unbound is earlier than 0:1.4.20-26.el7
        oval oval:com.redhat.rhsa:tst:20152455007
      • comment unbound is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152455008
    • AND
      • comment unbound-devel is earlier than 0:1.4.20-26.el7
        oval oval:com.redhat.rhsa:tst:20152455005
      • comment unbound-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152455006
    • AND
      • comment unbound-libs is earlier than 0:1.4.20-26.el7
        oval oval:com.redhat.rhsa:tst:20152455011
      • comment unbound-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152455012
    • AND
      • comment unbound-python is earlier than 0:1.4.20-26.el7
        oval oval:com.redhat.rhsa:tst:20152455009
      • comment unbound-python is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152455010
rhsa
id RHSA-2015:2455
released 2015-11-19
severity Low
title RHSA-2015:2455: unbound security and bug fix update (Low)
rpms
  • unbound-0:1.4.20-26.el7
  • unbound-devel-0:1.4.20-26.el7
  • unbound-libs-0:1.4.20-26.el7
  • unbound-python-0:1.4.20-26.el7
refmap via4
bid 71589
cert-vn VU#264212
confirm
debian DSA-3097
misc
ubuntu USN-2484-1
Last major update 28-11-2016 - 19:13
Published 11-12-2014 - 02:59
Back to Top