Detections
Analytics
Unbound < 1.5.9 daemon/remote.c Diffie-Hellman Key Exchange Value Small Subgroup Confinement Attack Vulnerability
medium Nessus Plugin ID 106381
Language:
Synopsis
The remote name server is affected by a key confinement attack vulnerability.Description
According to its self-reported version number, the remote Unbound DNS resolver contains a flaw in the handling of Diffie-Hellman key exchange values that can allow a remote attacker to perform a small subgroup confinement attack.Solution
Upgrade to Unbound version 1.5.9 or later.See Also
https://nlnetlabs.nl/projects/unbound/download/
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=770
https://en.wikipedia.org/wiki/Small_subgroup_confinement_attack
Plugin Details
Severity: Medium
ID: 106381
File Name: unbound_1_5_9.nasl
Version: 1.5
Type: remote
Family: DNS
Published: 1/26/2018
Updated: 11/15/2018
Configuration: Enable paranoid mode
Risk Information
CVSS v2
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N
CVSS v3
Risk Factor: Medium
Base Score: 4
Temporal Score: 3.5
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:unbound:unbound
Required KB Items: Settings/ParanoidReport, unbound/version
Patch Publication Date: 6/9/2016
Vulnerability Publication Date: 5/26/2016