FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Unbound -- Multiple vulnerabilities

Affected packages
unbound < 1.16.2

Details

VuXML ID bc43a578-14ec-11ed-856e-d4c9ef517024
Discovery 2022-08-01
Entry 2022-08-05

NLnet Labs reports:

novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue nameserver delays the response so that the cached delegation information is expired. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired entries. This action can be repeated when the delegation information is about to expire making the rogue delegation information ever-updating.

novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound's delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain which the rogue nameserver provides new delegation information.

References

CVE Name CVE-2022-30698
CVE Name CVE-2022-30699
URL https://www.nlnetlabs.nl/projects/unbound/security-advisories/