CVSS: 7.8EPSS: 7%CPEs: 21EXPL: 1CVE-2017-14496 – Dnsmasq < 2.78 - Integer Underflow
https://notcve.org/view.php?id=CVE-2017-14496
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Un desbordamiento inferior de enteros en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio mediante una petición DNS manipulada. An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. • https://www.exploit-db.com/exploits/42946 http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://thekelleys.org.uk/dnsmasq/CHANGELOG http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt http://www.debian.org/security/2017/dsa-3989 http://www.securityfocus.com/bid/101085 http://www.securityfocu • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2015-8899
https://notcve.org/view.php?id=CVE-2015-8899
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. Dnsmasq en versiones anteriores a 2.76 permite a servidores remotos provocar una denegación de servicio (caída) a través de una respuesta con una dirección DNS vacía que tiene una grabación (1) A o (2) AAAA definida localmente. • http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 http://www.openwall.com/lists/oss-security/2016/06/03/7 http://www.openwall.com/lists/oss-security/2016/06/04/2 http://www.securityfocus.com/bid/91031 http://www.securitytracker.com/id/1036045 http://www.ubuntu.com/usn/USN-3009-1 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 1%CPEs: 2EXPL: 1CVE-2015-3294
https://notcve.org/view.php?id=CVE-2015-3294
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request. La función tcp_request en Dnsmasq anterior a 2.73rc4 no maneja correctamente el valor de retorno de la función setup_reply, lo que permite a atacantes remotos leer la memoria de procesos y causar una denegación de servicio (lectura fuera de rango y caída) a través de una solicitud DNS malformada. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8 http://www.debian.org/security/2015/dsa-3251 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.securityfocus.com/archive/1/535354/100/1100/threaded • CWE-19: Data Processing Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2013-0198
https://notcve.org/view.php?id=CVE-2013-0198
Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411. Dnsmasq anterior a v2.66test2, cuando se utiliza con ciertas configuraciones de libvirt, responde a consultas desde interfaces prohibidas, lo que permite a atacantes remotos provocar una denegación de servicio (amplificación de tráfico) a través de falsas consultas DNS mediante TCP. NOTA: esta vulnerabilidad se debe a un fix incompleto para CVE-2012-3411. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 http://www.openwall.com/lists/oss-security/2013/01/18/2 http://www.openwall.com/lists/oss-security/2013/01/18/7 http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6 https://bugzilla.redhat.com/show_bug.cgi?id=894486 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0CVE-2012-3411 – libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks
https://notcve.org/view.php?id=CVE-2012-3411
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. Dnsmasq anterior a v2.63test1, cuando se usa con determinadas configuraciones en libvirt, contesta a las peticiones desde interfaces prohibidas, lo que permite a atacantes remotos provocar una denegación de servicios (amplificación de tráfico) a través de una petición DNS falsificada. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372 http://rhn.redhat.com/errata/RHSA-2013-0276.html http://rhn.redhat.com/errata/RHSA-2013-0277.html http://rhn.redhat.com/errata/RHSA-2013-0579.html http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0 http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 http://www.openwall.c • CWE-20: Improper Input Validation •