powerdns-recursor

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Resolving DNS server
Version 4.1.1-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-520 4.0.6-3 4.0.7-1 Medium Fixed
AVG-148 4.0.3-7 4.0.4-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-15094 AVG-520 Medium Yes Denial of service
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, during a code audit by Nixu, leading to a...
CVE-2017-15093 AVG-520 Medium Yes Insufficient validation
An issue has been found in the API of PowerDNS Recursor < 4.0.7, during a source code audit by Nixu. When 'api-config-dir' is set to a non-empty value,...
CVE-2017-15092 AVG-520 Medium Yes Cross-site scripting
An issue has been found in the web interface of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the qname of DNS queries was displayed...
CVE-2017-15090 AVG-520 Medium Yes Insufficient validation
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 up to and including 4.0.5, where the signatures might have been...
CVE-2016-7074 AVG-148 Medium Yes Insufficient validation
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7073 AVG-148 Medium Yes Insufficient validation
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7068 AVG-148 Medium Yes Denial of service
An issue has been found in PowerDNS allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending...

Advisories

Date Advisory Group Severity Description
27 Nov 2017 ASA-201711-31 AVG-520 Medium multiple issues
19 Jan 2017 ASA-201701-30 AVG-148 Medium multiple issues