Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    UNBOUND DNS Resolver: Vulnerability in IPSEC module

    Scheduled Pinned Locked Moved DHCP and DNS
    3 Posts 3 Posters 397 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elvisimprsntr
      last edited by elvisimprsntr

      https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module

      pfSense uses 1.9.1. Is there a patch/update available for pfSense?

      Excerpt:

      The CVE number for this vulnerability is CVE-2019-18934

Summary
Recent versions of Unbound contain a vulnerability that can cause shell
code execution after receiving a specially crafted answer. This issue
can only be triggered if unbound was compiled with `--enable-ipsecmod`
support, and ipsecmod is enabled and used in the configuration.

Affected products
Unbound 1.6.4 up to and including 1.9.4.

Solution
Download patched version of Unbound, or apply the patch manually.
      1 Reply Last reply Reply Quote 0
      • kiokomanK
        kiokoman LAYER 8
        last edited by

        @elvisimprsntr said in UNBOUND DNS Resolver: Vulnerability in IPSEC module:

        --enable-ipsecmod

        it is not compiled with that flag

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        1 Reply Last reply Reply Quote 1
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          pfSense does not use the Unbound ipsec module, so it's a non-issue.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.