CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1184

The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://secunia.com/advisories/29095
http://secunia.com/advisories/29127
http://sourceforge.net/mailarchive/forum.php?thread_name=sdlk5lolzj.fsf%40wes.hardakers.net&forum_name=dnssec-tools-users
http://www.securityfocus.com/bid/27998
http://www.vupen.com/english/advisories/2008/0673/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/40836
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00820.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00845.html
http://secunia.com/advisories/29095
http://secunia.com/advisories/29127
http://sourceforge.net/mailarchive/forum.php?thread_name=sdlk5lolzj.fsf%40wes.hardakers.net&forum_name=dnssec-tools-users
http://www.securityfocus.com/bid/27998
http://www.vupen.com/english/advisories/2008/0673/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/40836
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00820.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00845.html

Products affected by CVE-2008-1184

Dnssec-Tools » Dnssec-Tools » Version: Any

cpe:2.3:a:dnssec-tools:dnssec-tools:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1184

Products

Pricing

Contact Us