Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-13704
Vulnerability from cvelistv5
Published
2017-10-02 21:00
Modified
2024-08-05 19:05
Severity ?
EPSS score ?
Summary
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:05:20.078Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1039474", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039474", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101085", }, { name: "101977", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101977", }, { name: "FEDORA-2017-274d763ed8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-09-06T00:00:00", descriptions: [ { lang: "en", value: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-05-10T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1039474", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039474", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101085", }, { name: "101977", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101977", }, { name: "FEDORA-2017-274d763ed8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { tags: [ "x_refsource_MISC", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-13704", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1039474", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039474", }, { name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", refsource: "CONFIRM", url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { name: "https://access.redhat.com/security/vulnerabilities/3199382", refsource: "CONFIRM", url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", refsource: "BID", url: "http://www.securityfocus.com/bid/101085", }, { name: "101977", refsource: "BID", url: "http://www.securityfocus.com/bid/101977", }, { name: "FEDORA-2017-274d763ed8", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", refsource: "MLIST", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html", }, { name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", refsource: "CONFIRM", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", refsource: "CONFIRM", url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", refsource: "MISC", url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", refsource: "MLIST", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-13704", datePublished: "2017-10-02T21:00:00", dateReserved: "2017-08-25T00:00:00", dateUpdated: "2024-08-05T19:05:20.078Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2017-13704\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-03T01:29:01.637\",\"lastModified\":\"2024-11-21T03:11:28.383\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.\"},{\"lang\":\"es\",\"value\":\"En las versiones anteriores a la 2.78 de dnsmasq, si el tamaño del paquete DNS no coincide con el tamaño esperado, el parámetro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiendo hasta 0xffffffff ceros (0xffffffffffffffff en plataformas de 64 bits), haciendo que dnsmasq se cierre de manera inesperada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B21E9A8-CE63-42C2-A11A-94D977A96DF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A64AAD2D-38ED-4BA2-A27A-A2716F28D43A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76221AE4-1A3C-48EC-AFC2-1819BE4D3DC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.77\",\"matchCriteriaId\":\"B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98\"}]}]}],\"references\":[{\"url\":\"http://thekelleys.org.uk/dnsmasq/CHANGELOG\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/101085\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/101977\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1039474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/3199382\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://thekelleys.org.uk/dnsmasq/CHANGELOG\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/101085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/101977\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1039474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/3199382\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
icsa-17-332-01
Vulnerability from csaf_cisa
Published
2017-11-28 00:00
Modified
2020-10-13 00:00
Summary
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow a remote attacker to crash the DNS service or execute arbitrary code by crafting malicious DNS responses.
Critical infrastructure sectors
Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { organization: "Siemens Product CERT", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow a remote attacker to crash the DNS service or execute arbitrary code by crafting malicious DNS responses.", title: "Risk evaluation", }, { category: "other", text: "Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-17-332-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-332-01.json", }, { category: "self", summary: "ICS Advisory ICSA-17-332-01 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-17-332-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-496604: SSA-689071: DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/SSA-689071.txt", }, ], title: "Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)", tracking: { current_release_date: "2020-10-13T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-17-332-01", initial_release_date: "2017-11-28T00:00:00.000000Z", revision_history: [ { date: "2017-11-28T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-17-332-01 Siemens SCALANCE W1750D, M800, and S615", }, { date: "2018-04-05T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-17-332-01 Siemens SIMATIC SCALANCE W1750D, M800, and S615 (Update A)", }, { date: "2018-05-10T00:00:00.000000Z", legacy_version: "B", number: "3", summary: "ICSA-17-332-01 Siemens SCALANCE W1750D, M800, and S615 (Update B)", }, { date: "2020-10-13T00:00:00.000000Z", legacy_version: "C", number: "4", summary: "ICSA-17-332-01 Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions < V5.0", product: { name: "RUGGEDCOM RM1224: All versions < V5.0", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224", }, { branches: [ { category: "product_version_range", name: "All versions < V5.0", product: { name: "SCALANCE M-800 / S615: All versions < V5.0", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SCALANCE M-800 / S615", }, { branches: [ { category: "product_version_range", name: "All versions < V6.5.1.5", product: { name: "SCALANCE W1750D: All versions < V6.5.1.5", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "SCALANCE W1750D", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2017-13704", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13704", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14495", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14496", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, { cve: "CVE-2017-14491", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, { cve: "CVE-2017-14495", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14491", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, { cve: "CVE-2017-14496", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, ], }
ICSA-17-332-01
Vulnerability from csaf_cisa
Published
2017-11-28 00:00
Modified
2020-10-13 00:00
Summary
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow a remote attacker to crash the DNS service or execute arbitrary code by crafting malicious DNS responses.
Critical infrastructure sectors
Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { organization: "Siemens Product CERT", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow a remote attacker to crash the DNS service or execute arbitrary code by crafting malicious DNS responses.", title: "Risk evaluation", }, { category: "other", text: "Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-17-332-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-332-01.json", }, { category: "self", summary: "ICS Advisory ICSA-17-332-01 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-17-332-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", }, { category: "external", summary: "SSA-496604: SSA-689071: DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/SSA-689071.txt", }, ], title: "Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)", tracking: { current_release_date: "2020-10-13T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-17-332-01", initial_release_date: "2017-11-28T00:00:00.000000Z", revision_history: [ { date: "2017-11-28T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-17-332-01 Siemens SCALANCE W1750D, M800, and S615", }, { date: "2018-04-05T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-17-332-01 Siemens SIMATIC SCALANCE W1750D, M800, and S615 (Update A)", }, { date: "2018-05-10T00:00:00.000000Z", legacy_version: "B", number: "3", summary: "ICSA-17-332-01 Siemens SCALANCE W1750D, M800, and S615 (Update B)", }, { date: "2020-10-13T00:00:00.000000Z", legacy_version: "C", number: "4", summary: "ICSA-17-332-01 Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions < V5.0", product: { name: "RUGGEDCOM RM1224: All versions < V5.0", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224", }, { branches: [ { category: "product_version_range", name: "All versions < V5.0", product: { name: "SCALANCE M-800 / S615: All versions < V5.0", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "SCALANCE M-800 / S615", }, { branches: [ { category: "product_version_range", name: "All versions < V6.5.1.5", product: { name: "SCALANCE W1750D: All versions < V6.5.1.5", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "SCALANCE W1750D", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2017-13704", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13704", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14495", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14496", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, { cve: "CVE-2017-14491", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "summary", text: "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, { cve: "CVE-2017-14495", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14491", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, { cve: "CVE-2017-14496", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, references: [ { category: "external", summary: "https://support.industry.siemens.com/cs/ww/en/view/109778052", url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, ], remediations: [ { category: "vendor_fix", details: "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the\ndevice configuration (System - DNS - DNS Proxy - Disable Checkbox\n„Enable DNS Proxy\"), and configure the connected devices in the internal\nnetwork to use a different DNS server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "SCALANCE W1750D: If \"OpenDNS\", \"Captive Portal\" or \"URL redirection\"\nfunctionality is not used, deploy firewall rules in the device\nconfiguration to block incoming access to port 53/UDP", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0001", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V5.0 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109757544 ", product_ids: [ "CSAFPID-0002", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109757544", }, { category: "vendor_fix", details: "Update to V6.5.1.5 or later version - Download: https://support.industry.siemens.com/cs/ww/en/view/109778052 ", product_ids: [ "CSAFPID-0003", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109778052", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", ], }, ], }, ], }
ghsa-mprq-hpvv-8wcc
Vulnerability from github
Published
2022-05-14 03:24
Modified
2022-05-14 03:24
Severity ?
Details
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
{ affected: [], aliases: [ "CVE-2017-13704", ], database_specific: { cwe_ids: [ "CWE-20", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2017-10-03T01:29:00Z", severity: "HIGH", }, details: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", id: "GHSA-mprq-hpvv-8wcc", modified: "2022-05-14T03:24:43Z", published: "2022-05-14T03:24:43Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-13704", }, { type: "WEB", url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { type: "WEB", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK", }, { type: "WEB", url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { type: "WEB", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html", }, { type: "WEB", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html", }, { type: "WEB", url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { type: "WEB", url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { type: "WEB", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { type: "WEB", url: "http://www.securityfocus.com/bid/101085", }, { type: "WEB", url: "http://www.securityfocus.com/bid/101977", }, { type: "WEB", url: "http://www.securitytracker.com/id/1039474", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
var-201710-1267
Vulnerability from variot
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device or cause a denial-of-service condition. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1267", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fedora", scope: "eq", trust: 1.3, vendor: "fedoraproject", version: "27", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "17.04", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "14.04", }, { model: "leap", scope: "eq", trust: 1, vendor: "novell", version: "42.3", }, { model: "dnsmasq", scope: "lte", trust: 1, vendor: "thekelleys", version: "2.77", }, { model: "leap", scope: "eq", trust: 1, vendor: "novell", version: "42.2", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "7.1", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "7.0", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "16.04", }, { model: "dnsmasq", scope: "eq", trust: 0.9, vendor: "thekelleys", version: "2.77", }, { model: null, scope: null, trust: 0.8, vendor: "ruckus", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "technicolor", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "zyxel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "dnsmasq", version: null, }, { model: "ubuntu", scope: null, trust: 0.8, vendor: "canonical", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "dnsmasq", scope: "lt", trust: 0.8, vendor: "thekelleys", version: "2.78", }, { model: "enterprise linux desktop", scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: "enterprise linux server", scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: "enterprise linux workstation", scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: "enterprise linux server year extended update support", scope: "eq", trust: 0.6, vendor: "redhat", version: "-47.4", }, { model: "scalance w1750d", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance s615", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "scalance m800", scope: "eq", trust: 0.3, vendor: "siemens", version: "0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "17.04", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "16.04", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "14.04", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.2.2", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.75", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.72", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.71", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.70", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.7", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.65", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.64", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.63", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.62", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.61", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.60", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.6", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.59", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.58", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.57", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.56", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.55", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.54", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.53", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.52", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.51", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.50", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.49", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.48", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.47", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.46", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.45", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.44", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.43", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.42", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.41", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.40", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.4", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.38", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.37", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.36", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.35", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.34", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.33", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.30", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.29", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.28", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.27", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.26", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.25", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.24", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.23", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.22", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.21", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.20", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.2", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.19", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.18", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.17", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.16", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.15", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.14", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.13", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.12", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.11", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "2.10", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.9", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.8", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.6", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.5", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.4", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.3", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.18", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.17", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.16", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.15", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.14", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.13", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.12", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.11", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.10", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "1.0", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.996", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.992", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.98", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.96", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.95", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.7", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.6", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.5", }, { model: "dnsmasq", scope: "eq", trust: 0.3, vendor: "thekelleys", version: "0.4", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "14.2", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "14.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "14.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "13.37", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "13.1", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "slackware", version: "13.0", }, { model: "enterprise linux workstation optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux workstation optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux server tus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.6", }, { model: "enterprise linux server tus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.5", }, { model: "enterprise linux server optional eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "enterprise linux server optional eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.2", }, { model: "enterprise linux server optional eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.5", }, { model: "enterprise linux server optional aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.6", }, { model: "enterprise linux server optional aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.5", }, { model: "enterprise linux server optional aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.4", }, { model: "enterprise linux server optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux server optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux server for arm", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux server eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "enterprise linux server eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.2", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.6", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.5", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.4", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "6.2", }, { model: "enterprise linux server tus", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.4", }, { model: "enterprise linux server tus", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.3", }, { model: "enterprise linux server tus", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.2", }, { model: "enterprise linux server extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.4", }, { model: "enterprise linux server extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.2", }, { model: "enterprise linux server extended update suppor", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.3", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.4", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.3", }, { model: "enterprise linux server aus", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.2", }, { model: "enterprise linux server year extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-47.2", }, { model: "enterprise linux server year extended upd", scope: "eq", trust: 0.3, vendor: "redhat", version: "-47.3", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "enterprise linux long life server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5.9", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux for scientific computing", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux for power little endian extended update supp", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.4", }, { model: "enterprise linux for power little endian", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux for power big endian extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.4", }, { model: "enterprise linux for power big endian", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux for power little endian extended update suppo", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.3", }, { model: "enterprise linux for power little endian extended update suppo", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.2", }, { model: "enterprise linux for power big endian extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.3", }, { model: "enterprise linux for power big endian extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.2", }, { model: "enterprise linux for ibm z systems extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.4", }, { model: "enterprise linux for ibm z systems extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.3", }, { model: "enterprise linux for ibm z systems extended update support", scope: "eq", trust: 0.3, vendor: "redhat", version: "-7.2", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux eus compute node", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.4", }, { model: "enterprise linux eus compute node", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "enterprise linux eus compute node", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.2", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "enterprise linux computenode optional eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "enterprise linux computenode optional eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.2", }, { model: "enterprise linux computenode optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux computenode eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.3", }, { model: "enterprise linux computenode eus", scope: "eq", trust: 0.3, vendor: "redhat", version: "7.2", }, { model: "enterprise linux computenode", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "7", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "leap", scope: "eq", trust: 0.3, vendor: "opensuse", version: "42.3", }, { model: "leap", scope: "eq", trust: 0.3, vendor: "opensuse", version: "42.2", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.7.6", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.7", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.6.10", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.6", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.5.7", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.5", }, { model: "kubernetes", scope: "eq", trust: 0.3, vendor: "kubernetes", version: "1.2", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "7.1.1", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "6.0.1", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "5.1.1", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "5.0.2", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "4.4.4", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "8.0", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "7.1.2", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "7.0", }, { model: "android", scope: "eq", trust: 0.3, vendor: "google", version: "6.0", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-30", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "centos", scope: "eq", trust: 0.3, vendor: "centos", version: "7", }, { model: "centos", scope: "eq", trust: 0.3, vendor: "centos", version: "6", }, { model: "dnsmasq", scope: "ne", trust: 0.3, vendor: "thekelleys", version: "2.78", }, { model: "kubernetes", scope: "ne", trust: 0.3, vendor: "kubernetes", version: "1.8", }, { model: "kubernetes", scope: "ne", trust: 0.3, vendor: "kubernetes", version: "1.7.7", }, { model: "kubernetes", scope: "ne", trust: 0.3, vendor: "kubernetes", version: "1.6.11", }, { model: "kubernetes", scope: "ne", trust: 0.3, vendor: "kubernetes", version: "1.5.8", }, ], sources: [ { db: "CERT/CC", id: "VU#973527", }, { db: "BID", id: "101977", }, { db: "BID", id: "101085", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, { db: "NVD", id: "CVE-2017-13704", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:canonical:ubuntu", vulnerable: true, }, { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, { cpe22Uri: "cpe:/o:fedoraproject:fedora", vulnerable: true, }, { cpe22Uri: "cpe:/a:thekelleys:dnsmasq", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:enterprise_linux_desktop", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:enterprise_linux_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:enterprise_linux_workstation", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2017-008617", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna", sources: [ { db: "CNNVD", id: "CNNVD-201708-1115", }, ], trust: 0.6, }, cve: "CVE-2017-13704", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2017-13704", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2017-13704", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2017-13704", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2017-13704", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201708-1115", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2017-13704", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2017-13704", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, { db: "NVD", id: "CVE-2017-13704", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities:\n1. A buffer-overflow vulnerability\n2. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device or cause a denial-of-service condition. \nThis BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities", sources: [ { db: "NVD", id: "CVE-2017-13704", }, { db: "CERT/CC", id: "VU#973527", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "BID", id: "101977", }, { db: "BID", id: "101085", }, { db: "VULMON", id: "CVE-2017-13704", }, ], trust: 2.97, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2017-13704", trust: 3.1, }, { db: "CERT/CC", id: "VU#973527", trust: 2.5, }, { db: "BID", id: "101085", trust: 2, }, { db: "ICS CERT", id: "ICSA-17-332-01", trust: 2, }, { db: "BID", id: "101977", trust: 1.4, }, { db: "SECTRACK", id: "1039474", trust: 1.1, }, { db: "SIEMENS", id: "SSA-689071", trust: 1.1, }, { db: "JVN", id: "JVNVU93453933", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2017-008617", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201708-1115", trust: 0.6, }, { db: "VULMON", id: "CVE-2017-13704", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#973527", }, { db: "VULMON", id: "CVE-2017-13704", }, { db: "BID", id: "101977", }, { db: "BID", id: "101085", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, { db: "NVD", id: "CVE-2017-13704", }, ], }, id: "VAR-201710-1267", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.25396827, }, last_update_date: "2024-11-23T19:28:37.860000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FEDORA-2017-274d763ed8", trust: 0.8, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { title: "CHANGELOG", trust: 0.8, url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { title: "Fix CVE-2017-13704, which resulted in a crash on a large DNS query.", trust: 0.8, url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { title: "USN-3430-2", trust: 0.8, url: "https://usn.ubuntu.com/usn/USN-3430-2/", }, { title: "USN-3430-1", trust: 0.8, url: "https://usn.ubuntu.com/usn/USN-3430-1/", }, { title: "dnsmasq: Multiple Critical and Important vulnerabilities", trust: 0.8, url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { title: "Dnsmasq Enter the fix for the verification vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92838", }, { title: "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=fa8aad66cae5df51d49e1cdce2fe4a42", }, { title: "Red Hat: CVE-2017-13704", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2017-13704", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=7f490a104360d6f65bee18ec7bfa18a3", }, { title: "Brocade Security Advisories: BSA-2017-455", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=f173c512f0a725c451f45840ccf64e99", }, { title: "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=6283337cd31f81f24d445925f2138c0e", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/", }, ], sources: [ { db: "VULMON", id: "CVE-2017-13704", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1.8, }, { problemtype: "CWE-191", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "NVD", id: "CVE-2017-13704", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { trust: 2.3, url: "http://www.securityfocus.com/bid/101085", }, { trust: 2, url: "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01", }, { trust: 1.7, url: "http://www.thekelleys.org.uk/dnsmasq/doc.html", }, { trust: 1.7, url: "https://www.kb.cert.org/vuls/id/973527", }, { trust: 1.2, url: "http://www.securityfocus.com/bid/101977", }, { trust: 1.1, url: "http://thekelleys.org.uk/dnsmasq/changelog", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1039474", }, { trust: 1.1, url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { trust: 1.1, url: "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq", }, { trust: 1.1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { trust: 1, url: "https://access.redhat.com/security/cve/cve-2017-13704", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/", }, { trust: 1, url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { trust: 1, url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { trust: 1, url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { trust: 0.9, url: "http://www.thekelleys.org.uk/dnsmasq/changelog", }, { trust: 0.9, url: "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py", }, { trust: 0.9, url: "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py", }, { trust: 0.9, url: "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py", }, { trust: 0.9, url: "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py", }, { trust: 0.9, url: "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py", }, { trust: 0.9, url: "https://github.com/kubernetes/kubernetes/blob/master/changelog.md", }, { trust: 0.9, url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.601472", }, { trust: 0.9, url: "https://source.android.com/security/bulletin/2017-10-01", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495410", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495411", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495412", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495415", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495416", }, { trust: 0.9, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495510", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2017-14491", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2017-14492", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2017-14493", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2017-14494", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2017-14495", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2017-14496", }, { trust: 0.9, url: "https://www.debian.org/security/2017/dsa-3989", }, { trust: 0.9, url: "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py", }, { trust: 0.9, url: "https://access.redhat.com/errata/rhsa-2017:2836", }, { trust: 0.9, url: "https://access.redhat.com/errata/rhsa-2017:2837", }, { trust: 0.8, url: "https://www.ruckuswireless.com/security", }, { trust: 0.8, url: "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13704", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu93453933/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2017-13704", }, { trust: 0.6, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01", }, { trust: 0.3, url: "http://subscriber.communications.siemens.com/", }, { trust: 0.3, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/20.html", }, { trust: 0.1, url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html", }, { trust: 0.1, url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html", }, { trust: 0.1, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/", }, { trust: 0.1, url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102", }, { trust: 0.1, url: "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/", }, ], sources: [ { db: "CERT/CC", id: "VU#973527", }, { db: "VULMON", id: "CVE-2017-13704", }, { db: "BID", id: "101977", }, { db: "BID", id: "101085", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, { db: "NVD", id: "CVE-2017-13704", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#973527", }, { db: "VULMON", id: "CVE-2017-13704", }, { db: "BID", id: "101977", }, { db: "BID", id: "101085", }, { db: "JVNDB", id: "JVNDB-2017-008617", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, { db: "NVD", id: "CVE-2017-13704", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2017-10-02T00:00:00", db: "CERT/CC", id: "VU#973527", }, { date: "2017-10-03T00:00:00", db: "VULMON", id: "CVE-2017-13704", }, { date: "2017-11-28T00:00:00", db: "BID", id: "101977", }, { date: "2017-10-02T00:00:00", db: "BID", id: "101085", }, { date: "2017-10-24T00:00:00", db: "JVNDB", id: "JVNDB-2017-008617", }, { date: "2017-08-28T00:00:00", db: "CNNVD", id: "CNNVD-201708-1115", }, { date: "2017-10-03T01:29:01.637000", db: "NVD", id: "CVE-2017-13704", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-02-02T00:00:00", db: "CERT/CC", id: "VU#973527", }, { date: "2018-05-11T00:00:00", db: "VULMON", id: "CVE-2017-13704", }, { date: "2019-05-15T17:00:00", db: "BID", id: "101977", }, { date: "2017-10-02T00:00:00", db: "BID", id: "101085", }, { date: "2017-11-29T00:00:00", db: "JVNDB", id: "JVNDB-2017-008617", }, { date: "2020-10-14T00:00:00", db: "CNNVD", id: "CNNVD-201708-1115", }, { date: "2024-11-21T03:11:28.383000", db: "NVD", id: "CVE-2017-13704", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "network", sources: [ { db: "BID", id: "101977", }, { db: "BID", id: "101085", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Dnsmasq contains multiple vulnerabilities", sources: [ { db: "CERT/CC", id: "VU#973527", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input Validation Error", sources: [ { db: "BID", id: "101977", }, { db: "CNNVD", id: "CNNVD-201708-1115", }, ], trust: 0.9, }, }
fkie_cve-2017-13704
Vulnerability from fkie_nvd
Published
2017-10-03 01:29
Modified
2024-11-21 03:11
Severity ?
Summary
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.04 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 7.1 | |
| debian | debian_linux | 9.0 | |
| fedoraproject | fedora | 27 | |
| novell | leap | 42.2 | |
| novell | leap | 42.3 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| thekelleys | dnsmasq | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", matchCriteriaId: "588D4F37-0A56-47A4-B710-4D5F3D214FB9", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7B21E9A8-CE63-42C2-A11A-94D977A96DF1", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*", matchCriteriaId: "DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", matchCriteriaId: "A64AAD2D-38ED-4BA2-A27A-A2716F28D43A", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "76221AE4-1A3C-48EC-AFC2-1819BE4D3DC5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", matchCriteriaId: "B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98", versionEndIncluding: "2.77", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", }, { lang: "es", value: "En las versiones anteriores a la 2.78 de dnsmasq, si el tamaño del paquete DNS no coincide con el tamaño esperado, el parámetro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiendo hasta 0xffffffff ceros (0xffffffffffffffff en plataformas de 64 bits), haciendo que dnsmasq se cierre de manera inesperada.", }, ], id: "CVE-2017-13704", lastModified: "2024-11-21T03:11:28.383", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-03T01:29:01.637", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { source: "cve@mitre.org", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101085", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/101977", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039474", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { source: "cve@mitre.org", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { source: "cve@mitre.org", url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/101977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2017-13704
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
Aliases
Aliases
{ GSD: { alias: "CVE-2017-13704", description: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", id: "GSD-2017-13704", references: [ "https://www.suse.com/security/cve/CVE-2017-13704.html", "https://advisories.mageia.org/CVE-2017-13704.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2017-13704", ], details: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", id: "GSD-2017-13704", modified: "2023-12-13T01:21:01.376515Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-13704", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1039474", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039474", }, { name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", refsource: "CONFIRM", url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { name: "https://access.redhat.com/security/vulnerabilities/3199382", refsource: "CONFIRM", url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101085", refsource: "BID", url: "http://www.securityfocus.com/bid/101085", }, { name: "101977", refsource: "BID", url: "http://www.securityfocus.com/bid/101977", }, { name: "FEDORA-2017-274d763ed8", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", refsource: "MLIST", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html", }, { name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", refsource: "CONFIRM", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", refsource: "CONFIRM", url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", refsource: "MISC", url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", refsource: "MLIST", url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.77", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-13704", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html", }, { name: "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html", }, { name: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { name: "FEDORA-2017-274d763ed8", refsource: "FEDORA", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", }, { name: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", refsource: "CONFIRM", tags: [ "Patch", "Vendor Advisory", ], url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928", }, { name: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", refsource: "CONFIRM", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { name: "1039474", refsource: "SECTRACK", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039474", }, { name: "101085", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101085", }, { name: "https://access.redhat.com/security/vulnerabilities/3199382", refsource: "CONFIRM", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { name: "101977", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/101977", }, { name: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", refsource: "CONFIRM", tags: [], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", refsource: "CONFIRM", tags: [], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2018-05-11T01:29Z", publishedDate: "2017-10-03T01:29Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.