메뉴 건너뛰기

GREATUSER

cve

CVE-2017-15091

관리자 2018.01.25 04:00 조회 수 : 178

An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15091
번호 제목 글쓴이 날짜 조회 수
107 CVE-2017-0045 관리자 2017.03.18 134
106 CVE-2017-16545 (graphicsmagick) 관리자 2017.11.09 133
105 CVE-2017-7400 관리자 2017.04.04 133
104 CVE-2018-6002 관리자 2018.01.25 132
103 CVE-2017-6562 관리자 2017.03.10 132
102 CVE-2018-1042 관리자 2018.01.25 131
101 CVE-2017-15887 관리자 2017.11.09 131
100 CVE-2017-0115 관리자 2017.03.18 131
99 CVE-2017-0107 관리자 2017.03.18 131
98 CVE-2017-0033 관리자 2017.03.18 131
97 CVE-2017-16644 관리자 2017.11.09 130
96 CVE-2017-7325 관리자 2018.01.25 127
95 CVE-2017-14120 관리자 2017.09.04 127
94 CVE-2015-4699 관리자 2017.08.27 127
93 CVE-2017-0087 관리자 2017.03.18 127
위로