Unbound prior to 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote malicious users to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
nlnetlabs unbound 1.3.2 |
||
nlnetlabs unbound 1.3.1 |
||
nlnetlabs unbound 1.0.1 |
||
nlnetlabs unbound 1.0.0 |
||
nlnetlabs unbound 0.7 |
||
nlnetlabs unbound 0.6 |
||
nlnetlabs unbound 1.2.0 |
||
nlnetlabs unbound 1.1.1 |
||
nlnetlabs unbound 0.09 |
||
nlnetlabs unbound 0.8 |
||
nlnetlabs unbound 0.3 |
||
nlnetlabs unbound 0.2 |
||
nlnetlabs unbound 0.1 |
||
nlnetlabs unbound |
||
nlnetlabs unbound 1.1.0 |
||
nlnetlabs unbound 1.0.2 |
||
nlnetlabs unbound 0.7.2 |
||
nlnetlabs unbound 0.7.1 |
||
nlnetlabs unbound 0.0 |
||
nlnetlabs unbound 1.3.0 |
||
nlnetlabs unbound 1.2.1 |
||
nlnetlabs unbound 0.11 |
||
nlnetlabs unbound 0.10 |
||
nlnetlabs unbound 0.5 |
||
nlnetlabs unbound 0.4 |
Vulmon