CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 1CVE-2020-25686 – dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
https://notcve.org/view.php?id=CVE-2020-25686
19 Jan 2021 — A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned i... • https://github.com/knqyf263/dnspooq • CWE-290: Authentication Bypass by Spoofing CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-14834 – dnsmasq: memory leak in the create_helper() function in /src/helper.c
https://notcve.org/view.php?id=CVE-2019-14834
07 Jan 2020 — A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. Se encontró una vulnerabilidad en dnsmasq versiones anteriores a la versión 2.81, donde la pérdida de memoria permite a atacantes remotos causar una denegación de servicio (consumo de memoria) por medio de vectores que implican una creación de respuesta DHCP. A flaw was found in the Dnsmasq application where a ... • http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=69bc94779c2f035a9fffdb5327a54c3aeca73ed5 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-14513 – Ubuntu Security Notice USN-4924-1
https://notcve.org/view.php?id=CVE-2019-14513
01 Aug 2019 — Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491. La comprobación incorrecta de límites en Dnsmasq anterior de la versión 2.76 permite que un servidor DNS controlado por el atacante envíe paquetes DNS grandes que resultan en una operación de lectura más allá del búfer asignado para el paquete, una vulnerabilidad diferente ... • https://github.com/Slovejoy/dnsmasq-pre2.76 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15107 – Ubuntu Security Notice USN-4924-1
https://notcve.org/view.php?id=CVE-2017-15107
23 Jan 2018 — A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist. Se ha descubierto una vulnerabilidad en la implementación de DNSSEC en Dnsmasq hasta la versión 2.78, también incluida. Los registros NSEC sintetizados con caracteres comodín podrían interpretarse erróneamente para probar la falta de nombres de host que existen de verdad. It was discovered... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00027.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 7.5EPSS: 63%CPEs: 13EXPL: 0CVE-2017-13704
https://notcve.org/view.php?id=CVE-2017-13704
02 Oct 2017 — In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. En las versiones anteriores a la 2.78 de dnsmasq, si el tamaño del paquete DNS no coincide con el tamaño esperado, el parámetro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiend... • http://thekelleys.org.uk/dnsmasq/CHANGELOG • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 92%CPEs: 12EXPL: 2CVE-2017-14495 – Dnsmasq < 2.78 - Lack of free() Denial of Service
https://notcve.org/view.php?id=CVE-2017-14495
02 Oct 2017 — Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Una fuga de memoria en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante vectores relacionados con la creació... • https://packetstorm.news/files/id/144468 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 95%CPEs: 12EXPL: 2CVE-2017-14492 – Dnsmasq < 2.78 - Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14492
02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario mediante una petición manipulada de anuncio de router IPv6. A heap buffer overflow was discovered in dnsmasq in... • https://packetstorm.news/files/id/144479 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 63%CPEs: 12EXPL: 3CVE-2017-14493 – Dnsmasq < 2.78 - Stack Overflow
https://notcve.org/view.php?id=CVE-2017-14493
02 Oct 2017 — Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Un desbordamiento de búfer basado en pila en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario mediante una petición DHCPv6 manipulada. A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could sen... • https://packetstorm.news/files/id/144473 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 54%CPEs: 54EXPL: 4CVE-2017-14491 – Dnsmasq < 2.78 - 2-byte Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14491
02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada. A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replie... • https://packetstorm.news/files/id/144480 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 7%CPEs: 12EXPL: 2CVE-2017-14494 – Dnsmasq < 2.78 - Information Leak
https://notcve.org/view.php?id=CVE-2017-14494
02 Oct 2017 — dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Las versiones anteriores a la 2.78 de dnsmasq, cuando se configuran como retransmisor, permiten que los atacantes remotos obtengan información sensible de la memoria mediante vectores relacionados con la gestión de peticiones DHCPv6 reenviadas. An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local netwo... • https://packetstorm.news/files/id/144471 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •