Intrusion Prevention



This indicates an attack attempt against a Code Injection vulnerability in PowerDNS Recursor.
The vulnerability exists in the web interface of PowerDNS Recursor, where the qname of DNS queries was displayed without any escaping. A remote attacker may be able to exploit this to injection arbitrary code into the web interface, thus, altering the content

Affected Products

PowerDNS Recursor from 4.0.0 to 4.0.6.


System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Apply patch, available from the website.