ID CVE-2017-14496
Summary Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
References
Vulnerable Configurations
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*
    cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*
  • cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*
    cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:-:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:-:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.95:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.95:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.96:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.96:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.98:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.98:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.992:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.992:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:0.996:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:0.996:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.12:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.13:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.14:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.15:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.16:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.17:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:1.18:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.8:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.11:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.12:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.13:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.14:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.15:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.16:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.17:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.18:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.19:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.20:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.21:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.21:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.22:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.23:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.23:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.24:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.26:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.26:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.27:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.28:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.28:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.29:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.29:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.30:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.30:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.31:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.31:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.33:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.33:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.34:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.34:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.35:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.35:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.36:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.36:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.37:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.37:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.38:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.38:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.39:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.39:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.40:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.40:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.41:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.41:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.42:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.42:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.43:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.43:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.44:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.44:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.45:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.45:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.46:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.46:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.47:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.47:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.48:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.48:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.49:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.49:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.50:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.50:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.51:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.51:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.52:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.52:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.53:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.53:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.54:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.54:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.55:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.55:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.56:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.56:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.57:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.57:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.58:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.58:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.59:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.59:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.60:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.60:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.61:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.61:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.62:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.62:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.63:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.63:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.64:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.64:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.65:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.65:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.66:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.66:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.67:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.67:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.68:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.68:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.69:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.69:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.70:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.70:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.71:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.71:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.72:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.72:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.73:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.73:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.74:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.74:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.75:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.75:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.76:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.76:*:*:*:*:*:*:*
  • cpe:2.3:a:thekelleys:dnsmasq:2.77:*:*:*:*:*:*:*
    cpe:2.3:a:thekelleys:dnsmasq:2.77:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 11-05-2018 - 01:29)
Impact:
Exploitability:
CWE CWE-191
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
redhat via4
advisories
bugzilla
id 1495416
title CVE-2017-14496 dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment dnsmasq is earlier than 0:2.76-2.el7_4.2
          oval oval:com.redhat.rhsa:tst:20172836001
        • comment dnsmasq is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20172117002
      • AND
        • comment dnsmasq-utils is earlier than 0:2.76-2.el7_4.2
          oval oval:com.redhat.rhsa:tst:20172836003
        • comment dnsmasq-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20172117004
rhsa
id RHSA-2017:2836
released 2017-10-02
severity Critical
title RHSA-2017:2836: dnsmasq security update (Critical)
rpms
  • dnsmasq-0:2.76-2.el7_4.2
  • dnsmasq-debuginfo-0:2.76-2.el7_4.2
  • dnsmasq-utils-0:2.76-2.el7_4.2
refmap via4
bid
  • 101085
  • 101977
cert-vn VU#973527
confirm
debian DSA-3989
exploit-db 42946
gentoo GLSA-201710-27
misc https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
mlist
  • [dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.
  • [dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.
sectrack 1039474
suse openSUSE-SU-2017:2633
ubuntu
  • USN-3430-1
  • USN-3430-2
Last major update 11-05-2018 - 01:29
Published 03-10-2017 - 01:29
Last modified 11-05-2018 - 01:29
Back to Top