| Severity |
|
| Remote |
|
| Type |
| + |
Insufficient validation |
|
| Description |
| + |
A vulnerability was found in Dnsmasq's implementation of DNSSEC before 2.79. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist. |
|
| References |
| + |
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=4fe6744a220eddd3f1749b40cac3dfc510787de6 |
| + |
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q1/011896.html |
|
| Notes |
| + |
Requires DNSSEC support to be vulnerable |
|