Detections
Analytics

Alpine: multiple pdns-recursor packages: security update to 4.0.7-r0

medium Tenable Cloud Security Plugin ID 406249

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

 - An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and
 including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in
 bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter
 the content of records by issuing a valid signature for the crafted records. (CVE-2017-15090)

 - A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and
 including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote
 attacker to inject HTML and Javascript code into the web interface, altering the content. (CVE-2017-15092)

 - When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS
 Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to
 update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. It was
 discovered that the new netmask and IP addresses of forwarded zones were not sufficiently validated,
 allowing an authenticated user to inject new configuration directives into the Recursor's configuration.
 (CVE-2017-15093)

 - An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including
 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only
 parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate
 (default). (CVE-2017-15094)

See Also

https://security.alpinelinux.org/vuln/CVE-2017-15090

https://security.alpinelinux.org/vuln/CVE-2017-15092

https://security.alpinelinux.org/vuln/CVE-2017-15093

https://security.alpinelinux.org/vuln/CVE-2017-15094

Plugin Details

Severity: Medium

ID: 406249

Version: Revision 1.28

Type: Local

Published: 10/31/2023

Updated: 12/4/2025

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2017-15092

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/27/2017

Reference Information

CVE: CVE-2017-15090, CVE-2017-15092, CVE-2017-15093, CVE-2017-15094

BID: 101982