64 matches found
Important: unbound
Issue Overview: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along wit...
unbound: Unbound Cache poisoning
A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet ECS must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...
unbound: Unbound Cache poisoning
A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet ECS must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...
unbound: Unbound Cache poisoning
A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet ECS must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...
unbound: Unbound Cache poisoning
A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet ECS must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...
Oracle Linux 8 : unbound (ELSA-2025-11884)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11884 advisory. - Fix RebirthDay Attack CVE-2025-5994 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
unbound security update
1.16.2-5.9 - Fix RebirthDay Attack CVE-2025-5994 - Resolves: RHEL-104123...
unbound security update
1.16.2-19.1 - Fix RebirthDay Attack CVE-2025-5994 - Resolves: RHEL-104128...
USN-7666-1 unbound vulnerabilities
Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...
USN-7666-1: Unbound vulnerabilities
Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...
FreeBSD : unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack (e27ee4fc-cdc9-45a1-8242-09898cdbdc91)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e27ee4fc-cdc9-45a1-8242-09898cdbdc91 advisory. [email protected] reports: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has be...
Unbound DNS Resolver 1.6.2 - 1.23.0 Cache Poisoning Vulnerability (Rebirthday Attack)
Unbound DNS Resolver is prone to a cache poisoning vulnerability Rebirthday Attack. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SUSE CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
ALPINE-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
DEBIAN-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994 Cache poisoning via the ECS-enabled Rebirthday Attack
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...