CVE-2011-4869

validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.

Date published : 2011-12-20

http://www.kb.cert.org/vuls/id/209659

http://unbound.nlnetlabs.nl/downloads/CVE-2011-4528.txt