CVE-2017-14494 – Dnsmasq < 2.78 - Information Leak
https://notcve.org/view.php?id=CVE-2017-14494
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq, causing it to forward the contents of process memory, potentially leaking sensitive data. Dnsmasq versions prior to 2.78 suffer from an information leak vulnerability.
• https://www.exploit-db.com/exploits/42944
• http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
• http://nvidia.custhelp.com/app/answers/detail/a_id/4561
• http://thekelleys.org.uk/dnsmasq/CHANGELOG
• http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262
• http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
• http://www.debian.org/security/2017/dsa-3989
• http://www.securityfocus.com/bid/101085
• http://www.securitytrac
• CWE-125: Out-of-bounds Read
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-14495 – Dnsmasq < 2.78 - Lack of free() Denial of Service
https://notcve.org/view.php?id=CVE-2017-14495
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet.
• https://www.exploit-db.com/exploits/42945
• http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
• http://nvidia.custhelp.com/app/answers/detail/a_id/4561
• http://thekelleys.org.uk/dnsmasq/CHANGELOG
• http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45
• http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
• http://www.debian.org/security/2017/dsa-3989
• http://www.securityfocus.com/bid/101085
• http://www.securityfocu
• CWE-400: Uncontrolled Resource Consumption
• CWE-772: Missing Release of Resource after Effective Lifetime
CVE-2017-14496 – Dnsmasq < 2.78 - Integer Underflow
https://notcve.org/view.php?id=CVE-2017-14496
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet.
• https://www.exploit-db.com/exploits/42946
• http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
• http://nvidia.custhelp.com/app/answers/detail/a_id/4561
• http://thekelleys.org.uk/dnsmasq/CHANGELOG
• http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
• http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
• http://www.debian.org/security/2017/dsa-3989
• http://www.securityfocus.com/bid/101085
• http://www.securityfocu
• CWE-125: Out-of-bounds Read
• CWE-191: Integer Underflow (Wrap or Wraparound)
CVE-2015-8899
https://notcve.org/view.php?id=CVE-2015-8899
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
• http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html
• http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html
• http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87
• http://www.openwall.com/lists/oss-security/2016/06/03/7
• http://www.openwall.com/lists/oss-security/2016/06/04/2
• http://www.securityfocus.com/bid/91031
• http://www.securitytracker.com/id/1036045
• http://www.ubuntu.com/usn/USN-3009-1
• CWE-20: Improper Input Validation
CVE-2015-3294
https://notcve.org/view.php?id=CVE-2015-3294
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
• http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html
• http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html
• http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html
• http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8
• http://www.debian.org/security/2015/dsa-3251
• http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
• http://www.securityfocus.com/archive/1/535354/100/1100/threaded
• CWE-19: Data Processing Errors