Denial of Service Vulnerability in Unbound DNS Resolver (CVE-2012-1191)

Denial of Service Vulnerability in Unbound DNS Resolver (CVE-2012-1191)

CVE-2011-4869 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.

Learn more about our Cis Benchmark Audit For Server Software.