Vulnerability CVE-2017-15105: Information
Description
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
unbound | sisyphus | 1.7.0-alt1 | 1.19.3-alt1 | ALT-PU-2018-1477-1 | 202823 | Fixed |
unbound | p10 | 1.7.0-alt1 | 1.19.3-alt1 | ALT-PU-2018-1477-1 | 202823 | Fixed |
unbound | p9 | 1.7.0-alt1 | 1.19.3-alt1 | ALT-PU-2018-1477-1 | 202823 | Fixed |
unbound | p8 | 1.7.0-alt0.M80P.1 | 1.11.0-alt0.M80P.1 | ALT-PU-2018-1478-1 | 202824 | Fixed |
unbound | c10f1 | 1.7.0-alt1 | 1.19.2-alt1 | ALT-PU-2018-1477-1 | 202823 | Fixed |
unbound | c9f2 | 1.7.0-alt1 | 1.19.2-alt1 | ALT-PU-2018-1477-1 | 202823 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://unbound.net/downloads/CVE-2017-15105.txt |
|
102817 |
|
[debian-lts-announce] 20180130 [SECURITY] [DLA 1264-1] unbound security update |
|
USN-3673-1 |
|
[debian-lts-announce] 20190214 [SECURITY] [DLA 1676-1] unbound security update |
|