Unbound < 1.4.11 Cache Update Policy Deleted Domain Name Resolving Weakness
Medium Nessus Plugin ID 87869
Synopsis: The remote name server is affected by a ghost domain names vulnerability.
Description: According to its self-reported version number, the remote Unbound DNS resolver is affected by a ghost domain names vulnerability due to the resolver service overwriting cached name servers and TTL values in NS records while processing the response of an A record query. A remote attacker can exploit this to resume the resolving of revoked domain names.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution: Upgrade to Unbound version 1.4.11 or later.