CVE-2009-3602

Metadata

CVE-2009-3602
7.5
unbound.net, debian.org, openwall.com, openwall.com, vupen.com, exchange.xforce.ibmcloud.com
2009-10-13
2017-08-17 06:09

Description

Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.

Related Vulnerabilities

platform vulnerability
CVE-2009-3602 unbound
CVE-2009-3602