CVE-2019-18934

moderate-risk

Published 2019-11-19

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.

Do I need to act?

0.67% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.3/10 High

NETWORK / LOW complexity

Affected Products (4)

Unbound

Fedora

Leap

Affected Vendors

Fedoraproject Opensuse Nlnetlabs

References (14)

Mailing List http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html

Exploit http://www.openwall.com/lists/oss-security/2019/11/19/1

Release Notes https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Patch https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt

Release Notes https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/

Mailing List http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html

Mailing List http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html

Exploit http://www.openwall.com/lists/oss-security/2019/11/19/1

Release Notes https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Patch https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt

Release Notes https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 10/34 · Low