Medium severity5.3NVD Advisory· Published Sep 11, 2018· Updated Jun 17, 2026
CVE-2016-7073
CVE-2016-7073
Description
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <4.0.4
- Open-Xchange/pdnsv5Range: 3.4.11
Patches
Vulnerability mechanics
References
3- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- doc.powerdns.com/md/security/powerdns-advisory-2016-04/nvdVendor Advisory
- www.debian.org/security/2017/dsa-3764nvdThird Party Advisory
News mentions
0No linked articles in our index yet.