FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence

Affected packages
unbound < 1.4.14

Details

VuXML ID 7ba65bfd-2a40-11e1-b96e-00215af774f0
Discovery 2011-12-19
Entry 2011-12-19

Unbound developer reports:

Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed. Unbound also crashes when confronted with a query that eventually, and under specific circumstances, resolves to a domain that misses expected NSEC3 records.

[source]

References

CVE Name CVE-2011-4528
URL http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.