Launchpad CVE tracker

CVE 2011-1922

daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.

Related bugs and status

CVE-2011-1922 (Candidate) is related to these bugs:

Bug #788818: Assertion failure when unbound generates an empty error reply in response to a query

		In	Importance	Status
788818	Assertion failure when unbound generates an empty error reply in response to a query	unbound (Ubuntu)	Undecided	Fix Released
788818	Assertion failure when unbound generates an empty error reply in response to a query	unbound (Ubuntu Hardy)	Undecided	Invalid
788818	Assertion failure when unbound generates an empty error reply in response to a query	unbound (Ubuntu Lucid)	Medium	Fix Released
788818	Assertion failure when unbound generates an empty error reply in response to a query	unbound (Ubuntu Natty)	Undecided	Fix Released
788818	Assertion failure when unbound generates an empty error reply in response to a query	unbound (Ubuntu Maverick)	Medium	Fix Released
788818	Assertion failure when unbound generates an empty error reply in response to a query	Hardy Backports	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-1922

References