Detections
Analytics
Unbound < 1.5.9 daemon/remote.c Diffie-Hellman Key Exchange Value Small Subgroup Confinement Attack Vulnerability
medium Nessus Plugin ID 106381
Language:
Synopsis
The remote name server is affected by a key confinement attack vulnerability.Description
According to its self-reported version number, the remote Unbound DNS resolver contains a flaw in the handling of Diffie-Hellman key exchange values that can allow a remote attacker to perform a small subgroup confinement attack.Solution
Upgrade to Unbound version 1.5.9 or later.See Also
https://nlnetlabs.nl/projects/unbound/download/
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=770
https://en.wikipedia.org/wiki/Small_subgroup_confinement_attack
Plugin Details
Severity: Medium
ID: 106381
File Name: unbound_1_5_9.nasl
Version: 1.5
Type: remote
Family: DNS
Published: 1/26/2018
Updated: 11/15/2018
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Vulnerability Information
CPE: cpe:/a:unbound:unbound
Required KB Items: Settings/ParanoidReport, unbound/version
Patch Publication Date: 6/9/2016
Vulnerability Publication Date: 5/26/2016