virus logo Intrusion Prevention

PowerDNS.Recursor.Web.Interface.Script.Injection

description-logoDescription

This indicates an attack attempt against a Code Injection vulnerability in PowerDNS Recursor.
The vulnerability exists in the web interface of PowerDNS Recursor, where the qname of DNS queries was displayed without any escaping. A remote attacker may be able to exploit this to injection arbitrary code into the web interface, thus, altering the content

affected-products-logoAffected Products

PowerDNS Recursor from 4.0.0 to 4.0.6.

Impact logoImpact

System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser

recomended-action-logoRecommended Actions

Apply patch, available from the website.
https://downloads.powerdns.com/patches/2017-05/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 44743
Created Oct 26, 2017
Updated Nov 27, 2017
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Linux
Affected App Other