Vulnerability Details : CVE-2009-3602
Unbound before 1.3.4 does not properly verify signatures for NSEC3 records, which allows remote attackers to cause secure delegations to be downgraded via DNS spoofing or other DNS-related attacks in conjunction with crafted delegation responses.
Products affected by CVE-2009-3602
- cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.09:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.0:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:nlnetlabs:unbound:0.4:*:*:*:*:*:*:*
Threat overview for CVE-2009-3602
Top open port discovered on systems with this issue: 53
IPs affected by CVE-2009-3602: 1
Exploit prediction scoring system (EPSS) score for CVE-2009-3602
- 0.80%: Probability of exploitation activity in the next 30 days
- ~79%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-3602
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
CWE ids for CVE-2009-3602
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-3602
- http://www.debian.org/security/2009/dsa-1963
  [SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
- http://www.vupen.com/english/advisories/2009/2875
  Site under construction (Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2009/10/09/2
  oss-security - CVE request: Unbound
- http://www.openwall.com/lists/oss-security/2009/10/09/3
  oss-security - Re: CVE request: Unbound
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53729
  Unbound NSEC3 security bypass CVE-2009-3602 Vulnerability Report
- http://unbound.net/pipermail/unbound-users/2009-October/000852.html
  [Unbound-users] NOTIFY implementation to unbound (Vendor Advisory)