unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence

2011-12-19T00:00:00
ID 7BA65BFD-2A40-11E1-B96E-00215AF774F0
Type freebsd
Reporter FreeBSD
Modified 2011-12-19T00:00:00

Description

Unbound developer reports:

Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed. Unbound also crashes when confronted with a query that eventually, and under specific circumstances, resolves to a domain that misses expected NSEC3 records.