Lucene search
RedhatCVELIST:CVE-2017-15090HistoryNov 27, 2017 - 12:00 a.m.
CVE-2017-15090
2017-11-2700:00:00
CWE-347
redhat
www.cve.org
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.
CNA Affected
[
{
"product": "PowerDNS",
"vendor": "PowerDNS",
"versions": [
{
"status": "affected",
"version": "from 4.0.0 and up to and including 4.0.6"
}
]
}
]Related
prion
prion
Input validation
2018-01-23 15:29:00
nvd
nvd
CVE-2017-15090
2018-01-23 15:29:00
ubuntucve
ubuntucve
CVE-2017-15090
2018-01-23 00:00:00
alpinelinux
alpinelinux
CVE-2017-15090
2018-01-23 15:29:00
osv
osv
CVE-2017-15090
2018-01-23 15:29:00
cve
cve
CVE-2017-15090
2018-01-23 15:29:00
debiancve
debiancve
CVE-2017-15090
2018-01-23 15:29:00
nessus
nessus
Fedora 27 : pdns-recursor (2018-76c82b393e)
2018-06-14 00:00:00
PowerDNS Recursor 4.0.x < 4.0.7 Multiple Vulnerabilities
2018-01-19 00:00:00
Fedora 27 : pdns-recursor (2017-608b6f5945)
2018-01-15 00:00:00
openvas
openvas
PowerDNS Recursor Multiple Vulnerabilities
2017-11-28 00:00:00
Fedora Update for pdns-recursor FEDORA-2017-1585789772
2017-12-14 00:00:00
Fedora Update for pdns-recursor FEDORA-2017-81fe39ad9f
2017-12-14 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: pdns-recursor-4.0.7-1.fc26
2017-12-12 13:46:26
[SECURITY] Fedora 25 Update: pdns-recursor-4.0.7-1.fc25
2017-12-12 14:40:52
[SECURITY] Fedora 27 Update: pdns-recursor-4.0.7-1.fc27
2017-12-12 11:30:15
redhatcve
redhatcve
CVE-2017-15090
2022-05-20 22:30:18
CVE-2017-15093
2022-05-20 23:27:39
archlinux
archlinux
[ASA-201711-31] powerdns-recursor: multiple issues
2017-11-27 00:00:00