Improper Interpretation of Wildcard Synthesized NSEC Records in Dnsmasq DNSSEC Implementation (CVE-2017-14491)

Improper Interpretation of Wildcard Synthesized NSEC Records in Dnsmasq DNSSEC Implementation (CVE-2017-14491)

CVE-2017-15107 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Learn more about our Web Application Penetration Testing UK.