Candidate: CVE-2011-4869
PublicDate: 2011-12-20 11:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4869
 http://www.kb.cert.org/vuls/id/209659
 http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt
Description:
 validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform
 proof processing for NSEC3-signed zones, which allows remote DNS servers to
 cause a denial of service (daemon crash) via a malformed response that
 lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_unbound:
upstream_unbound: not-affected (1.4.14-1)
hardy_unbound: DNE
lucid_unbound: released (1.4.1-2ubuntu0.2)
maverick_unbound: released (1.4.5-1ubuntu1.2)
natty_unbound: released (1.4.9-0ubuntu1.2)
oneiric_unbound: released (1.4.12-1ubuntu1)
devel_unbound: not-affected (1.4.14-2)