메뉴 건너뛰기

GREATUSER

cve

CVE-2017-15091

관리자 2018.01.25 04:00 조회 수 : 17

An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15091
번호 제목 글쓴이 날짜 조회 수
137 CVE-2017-16607 관리자 2018.01.25 15
136 CVE-2017-16610 관리자 2018.01.25 15
135 CVE-2017-18049 관리자 2018.01.25 15
134 CVE-2018-1000009 관리자 2018.01.25 15
133 CVE-2017-15094 관리자 2018.01.25 15
132 CVE-2017-5685 관리자 2017.04.04 16
131 CVE-2017-9644 관리자 2017.08.27 16
130 CVE-2017-16618 관리자 2017.11.09 16
129 CVE-2017-16659 관리자 2017.11.09 16
128 CVE-2017-12114 관리자 2018.01.25 16
127 CVE-2018-1000003 관리자 2018.01.25 16
126 CVE-2017-16606 관리자 2018.01.25 16
125 CVE-2018-1000016 관리자 2018.01.25 16
124 CVE-2017-15105 관리자 2018.01.25 16
123 CVE-2017-12707 관리자 2017.08.27 17
위로