CVE-2009-3602
Published Oct 13, 2009
Last updated 7 years ago
Overview
- Description
- Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-310
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7158CA2-29DF-4705-96DF-4166D43FB0B3",
"versionEndIncluding": "1.3.3"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C91D9B3-201C-4090-8AB7-22B3B017C9B8"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54DA5D37-9D1E-483D-AD56-FD9B32BE62BC"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD25EC11-5C51-4072-AFBC-CB6C7173E1EB"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19BD88F4-8CF7-4C02-9A68-0F57A5C221AA"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FBA46C5-4E08-4B9F-897B-05DE3AF9A10D"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C96D1B54-4C99-4B36-97A5-40D7A3691041"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D62F9F20-8A6E-4736-A3ED-879BCE4E4F89"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52C42FEA-5001-41D4-8CA3-A25D8CB0A9B0"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29B38799-BBFD-42B3-8DF3-1C2957BEE205"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6ADE80A0-3D9D-4C4E-859B-E0A7EE5A3C3A"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "785E8B09-CC33-4812-923F-3168FA73B814"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.09:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3F22E5E-185B-411E-BD1A-9F2774F87E93"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "798B325D-4612-493C-BDF3-D09F9AF99C75"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28DF2FEF-AED3-43C3-8877-EB5A724232BE"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA2F7047-5435-4616-8357-B72BB3F9A600"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05137329-C056-4E1E-811E-0AF2899E9EE4"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "850E4420-3B05-4F99-A4C6-AD22E127E7DC"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6A23044-AB7D-4303-804B-11ADC8CF4CD3"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9DFA469-124B-4F6A-9D86-2B615CC1F5B0"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D463CB7-2B65-4A4D-8AC2-35F6C51CAC3E"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7701F4B-6FF1-463E-BF6D-6B7EA96DB192"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "661E72ED-666D-4532-B503-683E2C84686F"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDF5BCB9-1950-4099-8E08-5D1CBF6749FE"
},
{
"criteria": "cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04981A8D-F3F8-4D83-818B-775E8FE9CE77"
}
],
"operator": "OR"
}
]
}
]