메뉴 건너뛰기

검색창 닫기

GREATUSER

cve

CVE-2017-15091

관리자 2018.01.25 04:00 조회 수 : 13

An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15091
이 게시물을
이 글의 추천인 목록 게시글 수정 내역 목록
번호 제목 글쓴이 날짜 조회 수
482 CVE-2017-0119 관리자 2017.03.18 1
481 CVE-2017-0125 관리자 2017.03.18 1
480 CVE-2017-7401 관리자 2017.04.04 1
479 CVE-2017-12843 (cyrus_imap, fedora) 관리자 2017.08.27 1
478 CVE-2017-7557 관리자 2017.08.27 1
477 CVE-2015-3617 관리자 2017.08.27 1
476 CVE-2017-12786 관리자 2017.08.27 1
475 CVE-2017-12785 관리자 2017.08.27 1
474 CVE-2015-6473 (wago_i/o_plc_750-849_firmware, wago_i/o_plc_758-870_firmware) 관리자 2017.08.27 1
473 CVE-2016-4460 관리자 2017.08.27 1
472 CVE-2016-6310 관리자 2017.08.27 1
471 CVE-2016-2102 관리자 2017.08.27 1
470 CVE-2017-5208 (icoutils) 관리자 2017.08.27 1
469 CVE-2017-13130 관리자 2017.08.27 1
468 CVE-2017-13131 (imagemagick) 관리자 2017.08.27 1
쓰기 태그
위로