QwikSec

Security Database

CVE

CWE

Training

CVE-2019-18934

Published: Nov 19, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module

mailing-list

x_refsource_MLIST

https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt

x_refsource_MISC

https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog

x_refsource_MISC

https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/

x_refsource_CONFIRM

FEDORA-2019-a29e620cd4

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2020:0912

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:0913

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.