Lucene search
Redhat.comRH:CVE-2017-15093HistoryMay 20, 2022 - 11:27 p.m.
CVE-2017-15093
2022-05-2023:27:39
redhat.com
access.redhat.com
6
0.001 Low
EPSS
Percentile
41.7%
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor’s ACL by adding and removing netmasks, and to configure forward zones. It was discovered that the new netmask and IP addresses of forwarded zones were not sufficiently validated, allowing an authenticated user to inject new configuration directives into the Recursor’s configuration.
Related
nessus
nessus
Fedora 26 : pdns-recursor (2017-1585789772)
2017-12-13 00:00:00
openSUSE Security Update : pdns-recursor (openSUSE-2017-1339)
2017-12-14 00:00:00
Fedora 27 : pdns-recursor (2017-608b6f5945)
2018-01-15 00:00:00
openvas
openvas
Fedora Update for pdns-recursor FEDORA-2017-608b6f5945
2017-12-14 00:00:00
Fedora Update for pdns-recursor FEDORA-2017-81fe39ad9f
2017-12-14 00:00:00
Fedora Update for pdns-recursor FEDORA-2017-1585789772
2017-12-14 00:00:00
archlinux
archlinux
[ASA-201711-31] powerdns-recursor: multiple issues
2017-11-27 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: pdns-recursor-4.0.7-1.fc25
2017-12-12 14:40:52
[SECURITY] Fedora 26 Update: pdns-recursor-4.0.7-1.fc26
2017-12-12 13:46:26
[SECURITY] Fedora 27 Update: pdns-recursor-4.0.7-1.fc27
2017-12-12 11:30:15
redhatcve
redhatcve
CVE-2017-15090
2022-05-20 22:30:18
checkpoint_advisories
checkpoint_advisories
nvd
nvd
debiancve
debiancve
cvelist
cvelist
osv
osv
ubuntucve
ubuntucve
alpinelinux
alpinelinux
prion
prion
Design/Logic Flaw
2018-01-23 15:29:00
Design/Logic Flaw
2018-01-23 15:29:00
Cross site scripting
2018-01-23 15:29:00
cve
cve