CVE-2017-15094
N/A
N/A
Summary
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PowerDNS | PowerDNS Recursor | from 4.0.0 up to and including 4.0.6 | affected |
Weaknesses
- CWE-401: CWE-401
ADP Enrichment
CVE Program Container
Additional References
- https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html
- http://www.securityfocus.com/bid/101982
References
- https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html
- http://www.securityfocus.com/bid/101982
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.