CVE-2017-15105

Summary

A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.

Affected Software

VendorProductVersion RangeStatus
NLnet Labsunboundbefore 1.6.8affected

Weaknesses

  • CWE-358: CWE-358

ADP Enrichment

CVE Program Container

Additional References

References