CVE-2013-0198
https://notcve.org/view.php?id=CVE-2013-0198
Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411.
• http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 http://www.openwall.com/lists/oss-security/2013/01/18/2 http://www.openwall.com/lists/oss-security/2013/01/18/7 http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6 https://bugzilla.redhat.com/show_bug.cgi?id=894486
• CWE-20: Improper Input Validation
CVE-2012-3411 – libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks
https://notcve.org/view.php?id=CVE-2012-3411
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372 http://rhn.redhat.com/errata/RHSA-2013-0276.html http://rhn.redhat.com/errata/RHSA-2013-0277.html http://rhn.redhat.com/errata/RHSA-2013-0579.html http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0 http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 http://www.openwall.c
• CWE-20: Improper Input Validation
CVE-2009-2957 – Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2009-2957
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
• https://www.exploit-db.com/exploits/9617 http://secunia.com/advisories/36563 http://www.coresecurity.com/content/dnsmasq-vulnerabilities http://www.redhat.com/support/errata/RHSA-2009-1238.html http://www.securityfocus.com/bid/36121 http://www.thekelleys.org.uk/dnsmasq/CHANGELOG http://www.ubuntu.com/usn/USN-827-1 https://bugzilla.redhat.com/show_bug.cgi?id=519020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10538 https://rhn.redhat.c
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-2958 – Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2009-2958
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
• https://www.exploit-db.com/exploits/9617 http://secunia.com/advisories/36563 http://www.coresecurity.com/content/dnsmasq-vulnerabilities http://www.redhat.com/support/errata/RHSA-2009-1238.html http://www.securityfocus.com/bid/36120 http://www.thekelleys.org.uk/dnsmasq/CHANGELOG http://www.ubuntu.com/usn/USN-827-1 https://bugzilla.redhat.com/show_bug.cgi?id=519020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9816 https://rhn.redhat.co
• CWE-399: Resource Management Errors
CVE-2008-3214
https://notcve.org/view.php?id=CVE-2008-3214
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
• http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681 http://www.openwall.com/lists/oss-security/2008/06/30/7 http://www.openwall.com/lists/oss-security/2008/07/01/8 http://www.openwall.com/lists/oss-security/2008/07/02/4 http://www.openwall.com/lists/oss-security/2008/07/03/4 http://www.openwall.com/lists/oss-security/2008/07/08/8 http://www.openwall.com/lists/oss-security/2008/07/12/3 http://www.thekelleys.org.uk/dnsmasq
• CWE-20: Improper Input Validation