Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1184

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1184
Last Modified 07 Mar 2011 10:06:16
Published 05 Mar 2008 07:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1184

Summary

The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks.

Vulnerable Systems

Application

  • Dnssec-tools 1.3.1


References

SECUNIA - 29127

FEDORA - FEDORA-2008-1771

FEDORA - FEDORA-2008-1758

VUPEN - ADV-2008-0673

CONFIRM - http://sourceforge.net/mailarchive/forum.php?thread_name=sdlk5lolzj.fsf%40wes.hardakers.net&forum_name=dnssec-tools-users

SECUNIA - 29095

XF - dnssectools-libval-security-bypass(40836)

BID - 27998


Last Updated: 27 May 2016 10:47:03