PT-2018-9195 · Cz.Nic · Knot Resolver
Publicado
2018-01-22
·
Atualizado
2019-11-06
·
CVE-2018-1000002
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
Knot Resolver versions prior to 1.5.2
Description:
The issue is related to improper input validation bugs in DNSSEC validators components. This allows an attacker in a man-in-the-middle position to deny the existence of some data in DNS via packet replay.
Recommendations:
For versions prior to 1.5.2, update to version 1.5.2 or later to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Knot Resolver