PT-2012-3120 · Nlnet · Unbound

Publicado

2012-02-17

Atualizado

2012-02-20

CVE-2012-1192

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions Unbound versions prior to 1.4.11

Description The issue allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. This occurs because the resolver overwrites cached server names and TTL values in NS records during the processing of a response to an A record query.

Recommendations For versions prior to 1.4.11, update to version 1.4.11 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2012-1192

Produtos afetados

Unbound

PT-2012-3120 · Nlnet · Unbound

CVE-2012-1192

Identificadores relacionados

Produtos afetados

Referências · 2