Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities

Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities

Open Source Security [[{„value“:“

Posted by Yorgos Thessalonikefs on Feb 13

Hi there,

(The official announcement and more information can be found at:
https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/)

DNSSEC protocol vulnerabilities have been discovered that render various
DNSSEC validators victims of Denial Of Service while trying to validate
specially crafted DNSSEC responses.

There are two known vulnerabilities: CVE-2023-50387 (referred here as
the KeyTrap vulnerability) and CVE-2023-50868 (referred…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert