exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-15090

около 8 лет назад

An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.

CVSS3: 5.9

EPSS: Низкий

CVE-2017-15090

около 8 лет назад

An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.

CVSS3: 5.9

EPSS: Низкий

CVE-2017-15090

около 8 лет назад

An issue has been found in the DNSSEC validation component of PowerDNS ...

CVSS3: 5.9

EPSS: Низкий

GHSA-pr86-5p67-45rx

больше 3 лет назад

An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.

CVSS3: 5.9

EPSS: Низкий

openSUSE-SU-2017:3218-1

около 8 лет назад

Security update for pdns-recursor

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-15090 An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.	CVSS3: 5.9	0% Низкий	около 8 лет назад
CVE-2017-15090 An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.	CVSS3: 5.9	0% Низкий	около 8 лет назад
CVE-2017-15090 An issue has been found in the DNSSEC validation component of PowerDNS ...	CVSS3: 5.9	0% Низкий	около 8 лет назад
GHSA-pr86-5p67-45rx An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.	CVSS3: 5.9	0% Низкий	больше 3 лет назад
openSUSE-SU-2017:3218-1 Security update for pdns-recursor			около 8 лет назад

Уязвимостей на страницу