Computer Security
[EN] securityvulns.ru no-pyccku


Unbound DNS resolver DoS conditions
Published:26.12.2011
Source:
SecurityVulns ID:12112
Type:remote
Threat Level:
5/10
Description:Different denial of service conditions
Affected:UNBOUND : unbound 1.4
CVE:CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.)
 CVE-2011-4528 (Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2370-1] unbound security update (26.12.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod