Описание
The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks.
The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1184
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40836
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00820.html
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00845.html
- http://secunia.com/advisories/29095
- http://secunia.com/advisories/29127
- http://sourceforge.net/mailarchive/forum.php?thread_name=sdlk5lolzj.fsf%40wes.hardakers.net&forum_name=dnssec-tools-users
- http://www.securityfocus.com/bid/27998
- http://www.vupen.com/english/advisories/2008/0673/references
EPSS
Процентиль: 68%
0.00573
Низкий
CVE ID
Связанные уязвимости
nvd
больше 17 лет назад
The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks.
debian
больше 17 лет назад
The DNSSEC validation library (libval) library in dnssec-tools before ...
EPSS
Процентиль: 68%
0.00573
Низкий