QwikSec

Security Database

CVE

CWE

Training

CVE-2017-15094

Published: Jan 23, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).

Vendor	Product	Versions
PowerDNS	PowerDNS Recursor	affected `from 4.0.0 up to and including 4.0.6`

Weaknesses (CWE)

References

https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.