Showing 1 - 1 of 1

CVE-2009-3602

Status Candidate

Overview

Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.

Related Files

Debian Linux Security Advisory 1963-1: Posted Dec 29, 2009; Authored by Debian | Site debian.org; Debian Linux Security Advisory 1963-1 - It was discovered that Unbound, a DNS resolver, does not properly check cryptographic signatures on NSEC3 records. As a result, zones signed with the NSEC3 variant of DNSSEC lose their cryptographic protection. (An attacker would still have to carry out an ordinary cache poisoning attack to add bad data to the cache.); tags | advisory; systems | linux, debian; advisories | CVE-2009-3602; SHA-256 | 64ef176099b8262837d676a3c9b973cf330090a6d1284bcfb9809a6efb0ccba4; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 204 files
Ubuntu 76 files
Debian 22 files
tmrswrr 6 files
Ahmet Umit Bayram 6 files
Gentoo 5 files
ron190 5 files
Amit Roy 4 files
Furkan Eren Tetik 4 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,089)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,066)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,505)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,090)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (16,114)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,590)
UNIX (9,420)
UnixWare (187)
Windows (6,664)
Other

CVE-2009-3602

Overview

Related Files

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems