What is the severity of CVE-2011-4528?

CVE-2011-4528 has a medium severity rating due to its potential to cause a denial of service.

How do I fix CVE-2011-4528?

To fix CVE-2011-4528, upgrade to Unbound version 1.4.13p2 or later.

What systems are affected by CVE-2011-4528?

CVE-2011-4528 affects various versions of Unbound including all versions prior to 1.4.13p2.

Can CVE-2011-4528 lead to remote attacks?

Yes, CVE-2011-4528 allows remote DNS servers to exploit the vulnerability and potentially crash the daemon.

Is CVE-2011-4528 related to memory management issues?

Yes, CVE-2011-4528 is caused by Unbound attempting to free unallocated memory during the processing of duplicate CNAME records.

Vulnerability/
CVE-2011-4528

medium

CWE

399

20/12/2011

7/8/2024

CVE-2011-4528

First published: Tue Dec 20 2011(Updated: )

Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
libunbound	<=1.4.13
libunbound	=0.0
libunbound	=0.1
libunbound	=0.2
libunbound	=0.3
libunbound	=0.4
libunbound	=0.5
libunbound	=0.6
libunbound	=0.7
libunbound	=0.7.1
libunbound	=0.7.2
libunbound	=0.8
libunbound	=0.09
libunbound	=0.10
libunbound	=0.11
libunbound	=1.0.0
libunbound	=1.0.1
libunbound	=1.0.2
libunbound	=1.1.0
libunbound	=1.1.1
libunbound	=1.2.0
libunbound	=1.2.1
libunbound	=1.3.0
libunbound	=1.3.1
libunbound	=1.3.2
libunbound	=1.3.3
libunbound	=1.3.4
libunbound	=1.4.0
libunbound	=1.4.1
libunbound	=1.4.2
libunbound	=1.4.3
libunbound	=1.4.4
libunbound	=1.4.5
libunbound	=1.4.6
libunbound	=1.4.7
libunbound	=1.4.8
libunbound	=1.4.9
libunbound	=1.4.10
libunbound	=1.4.11
libunbound	=1.4.12
libunbound	=1.4.14-rc1

Remedy

http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt

Remedy

http://www.kb.cert.org/vuls/id/209659

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-4528?
CVE-2011-4528 has a medium severity rating due to its potential to cause a denial of service.
How do I fix CVE-2011-4528?
To fix CVE-2011-4528, upgrade to Unbound version 1.4.13p2 or later.
What systems are affected by CVE-2011-4528?
CVE-2011-4528 affects various versions of Unbound including all versions prior to 1.4.13p2.
Can CVE-2011-4528 lead to remote attacks?
Yes, CVE-2011-4528 allows remote DNS servers to exploit the vulnerability and potentially crash the daemon.
Is CVE-2011-4528 related to memory management issues?
Yes, CVE-2011-4528 is caused by Unbound attempting to free unallocated memory during the processing of duplicate CNAME records.

agent/remedy
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/references
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/unbound
canonical/libunbound
version/libunbound/1.4.13
version/libunbound/0.0
version/libunbound/0.1
version/libunbound/0.2
version/libunbound/0.3
version/libunbound/0.4
version/libunbound/0.5
version/libunbound/0.6
version/libunbound/0.7
version/libunbound/0.7.1
version/libunbound/0.7.2
version/libunbound/0.8
version/libunbound/0.09
version/libunbound/0.10
version/libunbound/0.11
version/libunbound/1.0.0
version/libunbound/1.0.1
version/libunbound/1.0.2
version/libunbound/1.1.0
version/libunbound/1.1.1
version/libunbound/1.2.0
version/libunbound/1.2.1
version/libunbound/1.3.0
version/libunbound/1.3.1
version/libunbound/1.3.2
version/libunbound/1.3.3
version/libunbound/1.3.4
version/libunbound/1.4.0
version/libunbound/1.4.1
version/libunbound/1.4.2
version/libunbound/1.4.3
version/libunbound/1.4.4
version/libunbound/1.4.5
version/libunbound/1.4.6
version/libunbound/1.4.7
version/libunbound/1.4.8
version/libunbound/1.4.9
version/libunbound/1.4.10
version/libunbound/1.4.11
version/libunbound/1.4.12
version/libunbound/1.4.14-rc1

Frequently Asked Questions

What is the severity of CVE-2011-4528?
CVE-2011-4528 has a medium severity rating due to its potential to cause a denial of service.
How do I fix CVE-2011-4528?
To fix CVE-2011-4528, upgrade to Unbound version 1.4.13p2 or later.
What systems are affected by CVE-2011-4528?
CVE-2011-4528 affects various versions of Unbound including all versions prior to 1.4.13p2.
Can CVE-2011-4528 lead to remote attacks?
Yes, CVE-2011-4528 allows remote DNS servers to exploit the vulnerability and potentially crash the daemon.
Is CVE-2011-4528 related to memory management issues?
Yes, CVE-2011-4528 is caused by Unbound attempting to free unallocated memory during the processing of duplicate CNAME records.

CVE-2011-4528

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-4528?

How do I fix CVE-2011-4528?

What systems are affected by CVE-2011-4528?

Can CVE-2011-4528 lead to remote attacks?

Is CVE-2011-4528 related to memory management issues?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2011-4528?

How do I fix CVE-2011-4528?

What systems are affected by CVE-2011-4528?

Can CVE-2011-4528 lead to remote attacks?

Is CVE-2011-4528 related to memory management issues?