4 matches found
openSUSE Security Update : unbound (unbound-2015)
Unbound did not check signatures on NSEC3 records which allowed attackers who could spoof DNS responses to bypass DNSSEC. CVE-2009-3602: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
[SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
------------------------------------------------------------------------ Debian Security Advisory DSA-1963-1 [email protected] http://www.debian.org/security/ Florian Weimer December 23, 2009 http://www.debian.org/security/faq -...
CVE-2009-3602
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses...
CVE-2009-3602
Unbound (DNS resolver) versions before 1.3.4 are affected by CVE-2009-3602 due to incorrect verification of NSEC3 signatures, allowing remote attackers to cause secure delegations to be downgraded via DNS spoofing or related DNS attacks when handling crafted responses. Public disclosures and advi...