Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
PowerDNS Authoritative Server和PowerDNS Recursor 安全漏洞
Vulnerability Description
PowerDNS Authoritative Server和PowerDNS Recursor都是荷兰PowerDNS公司的产品。PowerDNS Authoritative Server是一款DNS服务器。PowerDNS Recursor是一款域名解析服务器。 PowerDNS Authoritative Server和PowerDNS Recursor中存在安全漏洞,该漏洞源于程序没有充分地验证TSIG签名。攻击者可利用该漏洞实施中间人攻击,更改AXFR的内容。以下产品和版本受到影响:PowerDN
CVSS Information
N/A
Vulnerability Type
N/A