14 matches found
Possible cache poisoning via promiscuous records for the authority section
...
CVE-2026-42960
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...
EUVD-2026-31083
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...
CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...
CVE-2026-42960
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...
Linux Distros Unpatched Vulnerability : CVE-2026-42960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that...
Updated unbound packages fix security vulnerabilities
Possible domain hijacking via promiscuous records in the authority section. CVE-2025-11411. Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not complete...
FreeBSD Security Advisory - FreeBSD-SA-25:10.unbound
FreeBSD Security Advisory - Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. If a malicious...
Possible domain hijacking via promiscuous records in the authority section
...
FreeBSD : unbound -- Possible domain hijacking via promiscuous records in the authority section (ea1c485f-b025-11f0-bce7-bc2411002f50)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea1c485f-b025-11f0-bce7-bc2411002f50 advisory. [email protected] reports: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possib...
CVE-2025-11411 Possible domain hijacking via promiscuous records in the authority section
NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...
CVE-2025-11411 Possible domain hijacking via promiscuous records in the authority section
NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...
CVE-2025-11411
Summary: CVE-2025-11411 affects NLnet Labs Unbound up to and including 1.24.1, enabling possible domain hijack via promiscuous NS RRSets injected in DNS responses. The root issue is that NS RRSets in replies could be trusted for delegation updates, allowing a malicious actor to poison caches. The...
unbound -- Possible domain hijacking via promiscuous records in the authority section
[email protected] reports: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone...