ID de Prueba:	1.3.6.1.4.1.25623.1.0.148791
Categoría:	Denial of Service
Título:	Unbound DNS Resolver < 1.16.3 DoS Vulnerability
Resumen:	Unbound DNS Resolver is prone to a denial of service (DoS); vulnerability 'Non-Responsive Delegation Attack' (NRDelegation Attack).
Descripción:	Summary: Unbound DNS Resolver is prone to a denial of service (DoS) vulnerability 'Non-Responsive Delegation Attack' (NRDelegation Attack). Vulnerability Insight: The NRDelegation Attack can exploit resolvers by having a malicious delegation with a considerable number of non responsive nameservers. It can trigger high CPU usage in some resolver implementations that continually look in the cache for resolved NS records in that delegation. This can lead to degraded performance and eventually denial of service in orchestrated attacks. Affected Software/OS: Unbound DNS Resolver version 1.16.2 and prior. Solution: Update to version 1.16.3 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3204 https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35QGS5FBQTG3DBSK7QV67PA64P24ABHY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S4EU6DMJXQFMAIE6SLAH4H5RNRU6VQL/ https://security.gentoo.org/glsa/202212-02 https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.