CVE-2009-3602

2009-10-13T10:30:00
ID CVE-2009-3602
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:31:00

Description

Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.