Lucene search
PRIOn knowledge basePRION:CVE-2019-10190HistoryJul 16, 2019 - 6:15 p.m.
Input validation
2019-07-1618:15:00
PRIOn knowledge base
www.prio-n.com
A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 29 | |
| fedora | eq | 30 | |
| knot_resolver | le | 3.2.0 | |
| knot_resolver | ge | 4.0.0 | |
| knot_resolver | lt | 4.1.0 |
References
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10190
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMSSWBHINIX4WE6UDXWM66L7JYEK6XS6/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZV5YZZ5766UIG2TFLFJL6EESQNAP5X5/
www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html
Related
nessus
nessus
Fedora 30 : knot-resolver (2019-fdb50c675d)
2019-07-19 00:00:00
Fedora 29 : knot-resolver (2019-20f95b0b39)
2019-07-19 00:00:00
Debian dla-3795 : knot-resolver - security update
2024-04-26 00:00:00
openvas
openvas
Knot Resolver < 4.1.0 Multiple Vulnerabilities
2019-07-22 00:00:00
Fedora Update for knot-resolver FEDORA-2019-20f95b0b39
2019-07-20 00:00:00
Fedora Update for knot-resolver FEDORA-2019-fdb50c675d
2019-07-20 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: knot-resolver-4.1.0-1.fc29
2019-07-19 03:07:18
[SECURITY] Fedora 30 Update: knot-resolver-4.1.0-1.fc30
2019-07-19 01:11:17
alpinelinux
alpinelinux
CVE-2019-10190
2019-07-16 18:15:12
CVE-2019-10191
2019-07-16 18:15:12
osv
osv
CVE-2019-10190
2019-07-16 18:15:12
knot-resolver - security update
2024-04-26 00:00:00
CVE-2019-10191
2019-07-16 18:15:12
ubuntucve
ubuntucve
CVE-2019-10190
2019-07-10 00:00:00
CVE-2019-10191
2019-07-10 00:00:00
debiancve
debiancve
CVE-2019-10190
2019-07-16 18:15:12
CVE-2019-10191
2019-07-16 18:15:12
nvd
nvd
CVE-2019-10190
2019-07-16 18:15:12
CVE-2019-10191
2019-07-16 18:15:12
cve
cve
CVE-2019-10190
2019-07-16 18:15:12
CVE-2019-10191
2019-07-16 18:15:12
redhatcve
redhatcve
CVE-2019-10190
2022-05-21 00:17:46
cvelist
cvelist
CVE-2019-10190
2019-07-16 17:50:05
CVE-2019-10191
2019-07-16 17:52:43
debian
debian
[SECURITY] [DLA 3795-1] knot-resolver security update
2024-04-26 05:50:31
prion
prion
Design/Logic Flaw
2019-07-16 18:15:00