CVE-2017-15091

2018-01-2315:29:00

Alpine Linux Development Team

security.alpinelinux.org

0.001 Low

EPSS

Percentile

30.4%

JSON

An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.10-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.11-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.12-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.13-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.14-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.15-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.16-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.17-communitynoarchpdns< 4.0.5-r0UNKNOWN
Alpine3.18-communitynoarchpdns< 4.0.5-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.10-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.11-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.12-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.13-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.14-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.15-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.16-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.17-community	noarch	pdns	< 4.0.5-r0	UNKNOWN
Alpine	3.18-community	noarch	pdns	< 4.0.5-r0	UNKNOWN

Rows per page:

1-10 of 141

0.001 Low

EPSS

Percentile

30.4%

JSON

Related for ALPINE:CVE-2017-15091