[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250053

 
 

909

 
 

195940

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2024-2481 --- unbound

ID: oval:org.secpod.oval:def:1702159Date: (C)2024-03-15   (M)2024-05-09
Class: PATCHFamily: unix




Certain DNSSEC aspects of the DNS protocol allow remote attackers to cause a denial of service via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. The Closest Encloser Proof aspect of the DNS protocol allows remote attackers to cause a denial of service via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations

Platform:
Amazon Linux 2
Product:
unbound
python2-unbound
python3-unbound
Reference:
ALAS2-2024-2481
CVE-2023-50387
CVE-2023-50868
CVE    2
CVE-2023-50387
CVE-2023-50868
CPE    3
cpe:/a:nlnetlabs:unbound
cpe:/o:amazon:linux:2
cpe:/a:python:python3-unbound

© SecPod Technologies