Alpine Linux: CVE-2017-15094: pdns-recursor Multiple vulnerabilities
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||December 06, 2017||December 17, 2017||January 16, 2018|
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor during a code audit by Nixu, leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default). This issue has been assigned CVE-2017-15094.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!