12 matches found
CVE-2017-15093
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. I...
CVE-2017-15093
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. I...
CVE-2017-15093
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. I...
CVE-2017-15093
CVE-2017-15093 affects PowerDNS Recursor (4.x up to 4.0.6 and 3.x up to 3.7.4). An authenticated user can modify the Recursor’s ACL by adding/removing netmasks and configure forward zones when api-config-dir is non-empty. The root cause is insufficient validation of the new netmask and IP address...
CVE-2017-15093
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. I...
PowerDNS Recursor < 4.0.7 API Configuration Injection Vulnerability (CVE-2017-15093)
According to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is prior to to 4.0.7. It is, therefore, affected by a vulnerability where a remote authenticated user can injection additional configuration directives via the API. Note that Nessus ha...
Fedora 27 : pdns-recursor (2017-608b6f5945)
Update to latest version. Contains security fixes for CVE-2017-15090, CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora Update for pdns-recursor FEDORA-2017-81fe39ad9f
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for pdns-recursor FEDORA-2017-1585789772
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : pdns-recursor (2017-1585789772)
Update to latest version. Contains security fixes for CVE-2017-15090, CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora 25 : pdns-recursor (2017-81fe39ad9f)
Update to latest version. Contains security fixes for CVE-2017-15090, CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
[ASA-201711-31] powerdns-recursor: multiple issues
Arch Linux Security Advisory ASA-201711-31 ========================================== Severity: Medium Date : 2017-11-27 CVE-ID : CVE-2017-15090 CVE-2017-15092 CVE-2017-15093 CVE-2017-15094 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-5...