Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities

Related Vulnerabilities: CVE-2023-50387   CVE-2023-50868  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Alan Coopersmith &lt;alan.coopersmith () oracle com&gt;

Date: Tue, 13 Feb 2024 12:06:42 -0800

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
On 2/13/24 06:07, Yorgos Thessalonikefs wrote:
DNSSEC protocol vulnerabilities have been discovered that render various
DNSSEC validators victims of Denial Of Service while trying to validate
specially crafted DNSSEC responses.

There are two known vulnerabilities: CVE-2023-50387 (referred here as
the KeyTrap vulnerability) and CVE-2023-50868 (referred here as the
NSEC3 vulnerability).

Similarly, dnsmasq 2.90 was published today to address these:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

--
        -Alan Coopersmith-                 alan.coopersmith () oracle com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities Yorgos Thessalonikefs (Feb 13)

Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities Alan Coopersmith (Feb 13)

Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities Solar Designer (Feb 13)

Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities Solar Designer (Feb 13)
Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities Alan Coopersmith (Feb 16)
Re: Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities Solar Designer (Feb 16)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started