CVE-2017-15090 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-15090 Interim 1 9 2023-12-08T01:20:44Z current 2021-05-30T14:02:49Z 2023-12-08T01:20:44Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-15090 An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed pdns-recursor-4.5.5-1.3 pdns-recursor-4.5.5-1.3 as a component of openSUSE Tumbleweed An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records. CVE-2017-15090 openSUSE Tumbleweed:pdns-recursor-4.5.5-1.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N