Vladimír Čunát discovered that Knot Resolver incorrectly handled input during DNSSEC validation. A remote attacker could possibly use this issue to bypass certain validations. (CVE-2019-10190) Vladimír Čunát discovered that Knot Resolver incorrectly handled input during DNSSEC validation. A remote attacker could possibly use this issue to downgrade DNSSEC-secure domains to a DNSSEC-insecure state, resulting in a domain hijacking attack. (CVE-2019-10191) Vladimír Čunát discovered that Knot Resolver incorrectly handled certain DNS replies with many resource records. An attacker could possibly use this issue to consume system resources, resulting in a denial of service. (CVE-2019-19331) Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Knot Resolver incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. (CVE-2020-12667)
Continue reading...
Continue reading...