CVE-2017-15105

Name: CVE-2017-15105
Description: A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-1264-1, DLA-1676-1
NVD severity: medium (attack range: remote)
Debian Bugs: 887733

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| unbound (PTS) | jessie | 1.4.22-3+deb8u3 | vulnerable |
| | jessie (security) | 1.4.22-3+deb8u4 | fixed |
| | stretch | 1.6.0-3+deb9u2 | fixed |
| | bullseye, sid, buster | 1.9.0-2 | fixed |

The information below is based on the following data on fixed versions.

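| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| unbound | source | (unstable) | 1.7.1-1 | medium | | 887733 |
| unbound | source | jessie | 1.4.22-3+deb8u4 | medium | DLA-1676-1 | |
| unbound | source | stretch | 1.6.0-3+deb9u2 | medium | | |
| unbound | source | wheezy | 1.4.17-3+deb7u3 | medium | DLA-1264-1 | |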

Notes

https://unbound.net/downloads/CVE-2017-15105.txt
https://unbound.net/downloads/patch_cve_2017_15105.diff
https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be
