Описание
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1.6.5-1ubuntu0.2 |
| bionic | released | 1.6.7-1ubuntu2.1 |
| devel | not-affected | 1.7.1-1 |
| esm-infra-legacy/trusty | released | 1.4.22-1ubuntu4.14.04.3 |
| esm-infra/bionic | released | 1.6.7-1ubuntu2.1 |
| esm-infra/xenial | released | 1.5.8-1ubuntu1.1 |
| precise/esm | DNE | |
| trusty | released | 1.4.22-1ubuntu4.14.04.3 |
| trusty/esm | released | 1.4.22-1ubuntu4.14.04.3 |
| upstream | released | 1.6.8 |
Показывать по
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
A flaw was found in the way unbound before 1.6.8 validated wildcard-sy ...
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
5 Medium
CVSS2
5.3 Medium
CVSS3