Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-25031

Опубликовано: 27 апр. 2021
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3
CVSS3: 5.9

Описание

Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configuration creation. It is not part of the Unbound installation

РелизСтатусПримечание
bionic

released

1.6.7-1ubuntu2.4
devel

not-affected

esm-infra-legacy/trusty

not-affected

disputed
esm-infra/bionic

released

1.6.7-1ubuntu2.4
esm-infra/focal

released

1.9.4-2ubuntu1.2
esm-infra/xenial

not-affected

disputed
focal

released

1.9.4-2ubuntu1.2
groovy

not-affected

1.11.0-1
hirsute

not-affected

impish

not-affected

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-25031

CVSS3: 5.9
redhat
около 6 лет назад

Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configuration creation. It is not part of the Unbound installation

nvd логотип

CVE-2019-25031

CVSS3: 5.9
nvd
почти 5 лет назад

Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configuration creation. It is not part of the Unbound installation

debian логотип

CVE-2019-25031

CVSS3: 5.9
debian
почти 5 лет назад

Unbound before 1.9.5 allows configuration injection in create_unbound_ ...

github логотип

GHSA-9vvw-9wr3-56v3

CVSS3: 5.9
github
больше 3 лет назад

Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session.

fstec логотип

BDU:2022-06882

CVSS3: 5.9
fstec
больше 6 лет назад

Уязвимость компонента create_unbound_ad_servers.sh DNS-сервера Unbound, позволяющая нарушителю оказать воздействие на целостность данных

4.3 Medium

CVSS2

5.9 Medium

CVSS3