FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence

Affected packages
unbound < 1.4.14


VuXML ID 7ba65bfd-2a40-11e1-b96e-00215af774f0
Discovery 2011-12-19
Entry 2011-12-19

Unbound developer reports:

Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed. Unbound also crashes when confronted with a query that eventually, and under specific circumstances, resolves to a domain that misses expected NSEC3 records.


CVE Name CVE-2011-4528