Vulnerability in Nlnetlabs Unbound

CVE-2009-4008

Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.

EPSS: 0.003 (49.3th percentile) — read the EPSS interpretation.

Affected products

Nlnetlabs Unbound — versions 0.0, 0.1, 0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

cve@mitre.org (Patch, x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
DSA-2243 (vendor-advisory, x_refsource_DEBIAN)