CVE-2009-4008

EPSS 0.26%

unbound - design flaw

Published: 6/2/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-4008

Description

Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.

Affected packages (2)

Debian/unboundfrom 0, < 1.4.4-1
Debian/unboundfrom 0, < 1.4.6-1~lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-4008