Lucene search

K
freebsdFreeBSDBC43A578-14EC-11ED-856E-D4C9EF517024
HistoryAug 01, 2022 - 12:00 a.m.

Unbound -- Multiple vulnerabilities

2022-08-0100:00:00
vuxml.freebsd.org
7

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.5%

NLnet Labs reports:

novel type of the “ghost domain names” attack. The vulnerability
works by targeting an Unbound instance. Unbound is queried for a
rogue domain name when the cached delegation information is about to
expire. The rogue nameserver delays the response so that the cached
delegation information is expired. Upon receiving the delayed answer
containing the delegation information, Unbound overwrites the now
expired entries. This action can be repeated when the delegation
information is about to expire making the rogue delegation
information ever-updating.
novel type of the “ghost domain names” attack. The vulnerability
works by targeting an Unbound instance. Unbound is queried for a
subdomain of a rogue domain name. The rogue nameserver returns
delegation information for the subdomain that updates Unbound’s
delegation cache. This action can be repeated before expiry of the
delegation information by querying Unbound for a second level
subdomain which the rogue nameserver provides new delegation
information.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchunbound< 1.16.2UNKNOWN

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.5%