CVE-2019-18934 - OpenCVE

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Nlnetlabs	Unbound
Opensuse	Leap
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:opensuse:leap:15.1:::::::*
	cpe:2.3:o:opensuse:leap:15.2:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/11/19/1	Exploit Mailing List Third Party Advisory
https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog	Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/
https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt	Patch Vendor Advisory
https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-19T17:30:01

Updated: 2020-06-29T23:06:07

Reserved: 2019-11-13T00:00:00

Link: CVE-2019-18934

JSON object: View

NVD Information

Status : Modified

Published: 2019-11-19T18:15:10.523

Modified: 2023-11-07T03:07:18.980

Link: CVE-2019-18934

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-29T23:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/11/19/1"}, {"tags": ["x_refsource_MISC"], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"}, {"name": "FEDORA-2019-a29e620cd4", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"}, {"name": "openSUSE-SU-2020:0912", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"}, {"name": "openSUSE-SU-2020:0913", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-18934", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/11/19/1"}, {"name": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt", "refsource": "MISC", "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"}, {"name": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog", "refsource": "MISC", "url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"}, {"name": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/", "refsource": "CONFIRM", "url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"}, {"name": "FEDORA-2019-a29e620cd4", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"}, {"name": "openSUSE-SU-2020:0912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"}, {"name": "openSUSE-SU-2020:0913", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-18934", "datePublished": "2019-11-19T17:30:01", "dateReserved": "2019-11-13T00:00:00", "dateUpdated": "2020-06-29T23:06:07", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "matchCriteriaId": "37721642-A2DA-4326-8D2C-8640D99EC472", "versionEndIncluding": "1.9.4", "versionStartIncluding": "1.6.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration."}, {"lang": "es", "value": "Unbound versiones 1.6.4 hasta 1.9.4, contiene una vulnerabilidad en el m\u00f3dulo ipsec que puede causar una ejecuci\u00f3n de c\u00f3digo de shell despu\u00e9s de recibir una respuesta especialmente dise\u00f1ada. Este problema solo puede ser activado si unbound fue compilado con el soporte \"--enable-ipsecmod\", e ipsecmod est\u00e1 habilitado y usado en la configuraci\u00f3n."}], "id": "CVE-2019-18934", "lastModified": "2023-11-07T03:07:18.980", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-19T18:15:10.523", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/11/19/1"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}