|Category:||Debian Local Security Checks|
|Title:||Debian: Security Advisory for unbound (DSA-4694-1)|
|Summary:||The remote host is missing an update for the 'unbound'; package(s) announced via the DSA-4694-1 advisory.|
The remote host is missing an update for the 'unbound'
package(s) announced via the DSA-4694-1 advisory.
Two vulnerabiliites have been discovered in Unbound, a recursive-only
caching DNS server, a traffic amplification attack against third party
authoritative name servers (NXNSAttack) and insufficient sanitisation
of replies from upstream servers could result in denial of service via
an infinite loop.
The version of Unbound in the oldstable distribution (stretch) is
no longer supported. If these security issues affect your setup, you
should upgrade to the stable distribution (buster).
'unbound' package(s) on Debian Linux.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your unbound packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-12662|
Common Vulnerability Exposure (CVE) ID: CVE-2020-12663
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.