Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 1:52 p.m.12 views

unbound: Unbound domain hijacking via promiscuous records

A domain hijacking flaw has been discovered in NLNet Lab's Unbound project. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver'...

7.1CVSS7.3AI score0.00311EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.9 views

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2025-1315)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1315 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to...

7.1CVSS6.6AI score0.00311EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/11/26 12:0 a.m.7 views

FreeBSD Security Advisory - FreeBSD-SA-25:10.unbound

FreeBSD Security Advisory - Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. If a malicious...

7.1CVSS6.8AI score0.00311EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.1 views

PT-2025-43065

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions up to and including 1.24.0 Description Unbound is susceptible to domain hijack attacks through the manipulation of DNS responses. Specifically, maliciously crafted NS Resource Record Sets RRSets included in replies...

7.1CVSS6.3AI score0.00311EPSS
Exploits0References77
Rows per page
Query Builder