oss-sec mailing list archives
Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS
From: Tomas Hoger <thoger () redhat com>
Date: Tue, 16 Mar 2010 21:08:27 +0100
On Tue, 16 Mar 2010 11:56:31 -0600 Vincent Danen <vdanen () redhat com> wrote:
Unbound upstream has released latest, v1.4.3 version: [1] http://www.unbound.net/download.html addressing one denial of service issue, specific to 64 bit platforms. References: [2] http://bugs.gentoo.org/show_bug.cgi?id=309117 Could you allocate CVE id for it?Please use CVE-2010-0735 for this issue.
This just got CVE-2010-0969 from Mitre: Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Jan Lieskovsky (Mar 12)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Vincent Danen (Mar 16)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Tomas Hoger (Mar 16)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Vincent Danen (Mar 16)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Steven M. Christey (Mar 18)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Vincent Danen (Mar 18)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Tomas Hoger (Mar 16)
- Re: CVE Request -- Unbound v1.4.3 -- 64 bit platforms specific remote DoS Vincent Danen (Mar 16)