Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Unbound DNS Resolver 1.6.4 - 1.9.4 RCE Vulnerability
Information
Severity
Severity
Medium
Family
Family
General
CVSSv2 Base
CVSSv2 Base
6.8
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
4 years ago
Modified
Modified
4 years ago
Summary
Unbound DNS Resolver is prone to a remote code execution vulnerability under certain conditions.
Insight
Insight
Unbound contains a vulnerability that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with '--enable-ipsecmod' support, and ipsecmod is enabled and used in the configuration.
Affected Software
Affected Software
Ubound DNS Resolver versions 1.6.4 - 1.9.4.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 1.9.5 or later or apply the provided patch.