Download
| Alert*
oval:org.secpod.oval:def:1801769
An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction.changed the descriptionmade the issue visible to ever ... oval:org.secpod.oval:def:2004249 In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced. |