CVE-2012-1192

The resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:N/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
unboundunbound
𝑥
≤ 1.4.10
unboundunbound
0.0
unboundunbound
0.1
unboundunbound
0.2
unboundunbound
0.3
unboundunbound
0.4
unboundunbound
0.5
unboundunbound
0.6
unboundunbound
0.7
unboundunbound
0.7.1
unboundunbound
0.7.2
unboundunbound
0.8
unboundunbound
0.9
unboundunbound
0.10
unboundunbound
0.11
unboundunbound
1.0.0
unboundunbound
1.0.1
unboundunbound
1.0.2
unboundunbound
1.1.0
unboundunbound
1.1.1
unboundunbound
1.2.0
unboundunbound
1.2.1
unboundunbound
1.3.0
unboundunbound
1.3.1
unboundunbound
1.3.2
unboundunbound
1.3.3
unboundunbound
1.3.4
unboundunbound
1.4.0
unboundunbound
1.4.1
unboundunbound
1.4.2
unboundunbound
1.4.3
unboundunbound
1.4.4
unboundunbound
1.4.5
unboundunbound
1.4.6
unboundunbound
1.4.7
unboundunbound
1.4.8
unboundunbound
1.4.9
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
unbound
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
dne