CVE-2008-3214
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
dnsmasq versión 2.25, permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) al (1) renovar una concesión inexistente o (2) enviar un DHCPREQUEST para una dirección IP que no está en la misma red, relacionada con la respuesta NAK DHCP del demonio.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-07-18 CVE Reserved
- 2008-07-18 CVE Published
- 2024-07-24 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2008/06/30/7 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2008/07/01/8 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2008/07/02/4 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2008/07/03/4 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2008/07/08/8 | Mailing List |
|
| http://www.thekelleys.org.uk/dnsmasq/CHANGELOG | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/43929 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2008/07/12/3 | 2024-08-07 | |
| https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Thekelleys Search vendor "Thekelleys" | Dnsmasq Search vendor "Thekelleys" for product "Dnsmasq" | 2.25 Search vendor "Thekelleys" for product "Dnsmasq" and version "2.25" | - |
Affected
| ||||||