Lucene search
RedhatCVELIST:CVE-2009-3602HistoryOct 13, 2009 - 10:00 a.m.
CVE-2009-3602
2009-10-1310:00:00
redhat
www.cve.org
8
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
References
osvdb.org/58836
secunia.com/advisories/36996
secunia.com/advisories/37913
unbound.net/pipermail/unbound-users/2009-October/000852.html
www.debian.org/security/2009/dsa-1963
www.openwall.com/lists/oss-security/2009/10/09/2
www.openwall.com/lists/oss-security/2009/10/09/3
www.vupen.com/english/advisories/2009/2875
exchange.xforce.ibmcloud.com/vulnerabilities/53729
Related
osv
osv
unbound - DNSSEC validation
2009-12-23 00:00:00
nessus
nessus
openSUSE Security Update : unbound (unbound-2015)
2010-02-23 00:00:00
Unbound < 1.3.4 NSEC3 Signature Verification DNS Spoofing Vulnerability (CVE-2009-3602)
2018-01-26 00:00:00
openSUSE Security Update : unbound (unbound-2015)
2010-02-23 00:00:00
debian
debian
[SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
2009-12-23 20:35:17
openvas
openvas
Debian Security Advisory DSA 1963-1 (unbound)
2009-12-30 00:00:00
Debian: Security Advisory (DSA-1963-1)
2009-12-30 00:00:00
Unbound DNS Server NSEC3 Signature Verification DNS Spoofing Vulnerability
2010-01-04 00:00:00
nvd
nvd
CVE-2009-3602
2009-10-13 10:30:00
cve
cve
CVE-2009-3602
2009-10-13 10:30:00
debiancve
debiancve
CVE-2009-3602
2009-10-13 10:30:00
ubuntucve
ubuntucve
CVE-2009-3602
2009-10-13 00:00:00
prion
prion
Design/Logic Flaw
2009-10-13 10:30:00