CVE-2009-3602

NONECVSS 0.0

0.0

Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.

🔗 References (18)

secalert@redhathttp://osvdb.org/58836
secalert@redhathttp://secunia.com/advisories/36996
secalert@redhathttp://secunia.com/advisories/37913
secalert@redhathttp://unbound.net/pipermail/unbound-users/2009-October/000852.html
secalert@redhathttp://www.debian.org/security/2009/dsa-1963
secalert@redhathttp://www.openwall.com/lists/oss-security/2009/10/09/2
secalert@redhathttp://www.openwall.com/lists/oss-security/2009/10/09/3
secalert@redhathttp://www.vupen.com/english/advisories/2009/2875
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/53729
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/58836
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36996
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37913
af854a3a-2127-422b-91ae-364da2661108http://unbound.net/pipermail/unbound-users/2009-October/000852.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1963
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/10/09/2

Is Your Infrastructure Affected by CVE-2009-3602?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3602

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3602?