Date: Fri, 6 Nov 2015 10:45:58 +0100 From: Pieter Lexis <pieter.lexis@...erdns.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: CVE request: stored XSS in PowerDNS < 3.4.7 Hi, On 11/06/2015 10:07 AM, Damien Cauquil wrote: > PowerDNS < 3.4.7 was prone to a stored XSS vulnerability, now fixed in > version 3.4.7. > > This commit by the PowerDNS team fixes it: > > https://github.com/PowerDNS/pdns/commit/416d252 > > Could a CVE be assigned to this issue ? This stored XSS was in a component (the built-in webserver) that 1) is disabled by default 2) should only be opened up on a non-public network (or with authentications in front) 3) serves a simple read-only webpage To 'exploit' this XSS, someone with knowledge of the target's infrastructure must send the target a malicious link (with the exploit code embedded in the link). As this is built-in webpage is (should) only accessible to the operators of the DNS server, the attack-surface for this attack is very low. We consider this XSS a very low risk vulnerability because of this and suggest a CVE be not assigned. -- Pieter Lexis PowerDNS.COM BV - https://www.powerdns.com [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ