Hide Forgot
An issue has been found in PowerDNS allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack. External References: https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/