[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-4008Date: (C)2011-06-02   (M)2023-12-22


Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
DSA-2243
http://packages.debian.org/changelogs/pool/main/u/unbound/unbound_1.4.6-1/changelog
http://unbound.nlnetlabs.nl/downloads/unbound-1.4.4.tar.gz

CPE    1
cpe:/a:nlnetlabs:unbound
CWE    1
CWE-399
OVAL    1
oval:org.secpod.oval:def:600533

© SecPod Technologies