Detections
Analytics
Unbound < 1.5.2 Upstream Server Trust Anchor Unspecified DNSSEC Validation Weakness
medium Nessus Plugin ID 87871
Language:
Synopsis
The remote name server is affected by an unspecified DNSSEC validation weakness.Description
According to its self-reported version number, the remote Unbound DNS resolver is affected by an unspecified DNSSEC validation weakness that is triggered when an upstream server with different trust anchors introduces unsigned records in messages.Solution
Upgrade to Unbound version 1.5.2 or later.See Also
https://nlnetlabs.nl/pipermail/unbound-users/2015-February/003784.html
Plugin Details
Severity: Medium
ID: 87871
File Name: unbound_1_5_2.nasl
Version: 1.3
Type: remote
Family: DNS
Published: 1/12/2016
Updated: 11/15/2018
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:unbound:unbound
Required KB Items: Settings/ParanoidReport, unbound/version
Patch Publication Date: 2/19/2015
Vulnerability Publication Date: 2/19/2015