fkie_cve-2017-14491
Vulnerability from fkie_nvd
Published
2017-10-04 01:29
Modified
2025-01-14 19:29
Severity ?
Summary
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", matchCriteriaId: "B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98", versionEndIncluding: "2.77", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", matchCriteriaId: "588D4F37-0A56-47A4-B710-4D5F3D214FB9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", matchCriteriaId: "7B21E9A8-CE63-42C2-A11A-94D977A96DF1", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", matchCriteriaId: "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*", matchCriteriaId: "0FC411C9-9A8A-49D0-B704-2207674778CB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*", matchCriteriaId: "B2F3699A-38E4-4E9D-9414-411F71D9E371", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*", matchCriteriaId: "54DF7A22-DF8B-4272-8EC6-48173E8860B8", versionEndExcluding: "r21.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*", matchCriteriaId: "810B05A3-29CF-464F-9E63-8238AA0651AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*", matchCriteriaId: "22159717-67FD-4A10-9F65-4434FEC1F922", versionEndExcluding: "r24.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "5454038C-F1F0-4061-8B5C-04A8CF1658C6", versionEndExcluding: "3.10.0.55", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF744446-5C60-4C66-BE6B-DD108487B46C", versionEndExcluding: "jimmy-al00ac00b135", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*", matchCriteriaId: "B543AF24-5D59-4A46-AC76-0EFF314E3D1A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "E861FF18-4E42-4092-81B6-0BB32679B2CF", versionEndIncluding: "4.15", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "E2DED50F-C1ED-43EB-9E63-B65F4F287F41", versionEndExcluding: "4.16.13m", versionStartIncluding: "4.16", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "B5F144E5-EFB1-47E7-A2D2-28DEE6045CF6", versionEndExcluding: "4.17.8m", versionStartIncluding: "4.17", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "8F1A3AF8-D105-4F13-8921-D94DCC7DE1AF", versionEndIncluding: "4.18.4.2f", versionStartIncluding: "4.18", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63C108C5-0EF5-4C6D-8D83-ADB5EED24A6F", versionEndExcluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E25B682B-83F5-4903-9138-16907DC7A859", versionEndExcluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E8B2D681-1FBF-4013-B223-9878F4F1DB27", versionEndExcluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE55F796-FA73-4992-9826-57A00F77F6CA", versionEndExcluding: "6.5.1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*", matchCriteriaId: "FBC30055-239F-4BB1-B2D1-E5E35F0D8911", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "CFE6B116-71BB-49BF-A5EF-4460D9089511", versionEndExcluding: "6.3.1.25", versionStartIncluding: "6.3.1", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "193354A0-B108-4CA4-A1C3-F5F23147A295", versionEndExcluding: "6.4.4.16", versionStartIncluding: "6.4.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "47D1AB4F-0922-49AF-9AE5-AEB4019E652C", versionEndExcluding: "6.5.1.9", versionStartIncluding: "6.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "8F5D03FA-CE4E-4888-88E2-384986A890BA", versionEndExcluding: "6.5.3.3", versionStartIncluding: "6.5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "E39B25F2-C65B-457F-A36E-14FC8285A004", versionEndExcluding: "6.5.4.2", versionStartIncluding: "6.5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", matchCriteriaId: "00E53FE9-EA96-456A-B522-FC81DD0CCE3E", versionEndExcluding: "8.1.0.4", versionStartIncluding: "8.1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*", matchCriteriaId: "46261C28-E276-4639-BA3D-A735B02599F8", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*", matchCriteriaId: "01527614-8A68-48DC-B0A0-F4AA99489221", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*", matchCriteriaId: "65372FA7-B54B-4298-99BF-483E9FEBA253", vulnerable: true, }, { criteria: "cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*", matchCriteriaId: "3D04EA1A-F8E0-415B-8786-1C8C0F08E132", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.", }, { lang: "es", value: "Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada.", }, ], id: "CVE-2017-14491", lastModified: "2025-01-14T19:29:55.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-10-04T01:29:02.870", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { source: "cve@mitre.org", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2017/dsa-3989", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101085", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101977", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securitytracker.com/id/1039474", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201710-27", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-3989", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42941/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/973527", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4560", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://thekelleys.org.uk/dnsmasq/CHANGELOG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2017/dsa-3989", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/101977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securitytracker.com/id/1039474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3430-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2836", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2839", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2840", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:2841", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/vulnerabilities/3199382", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201710-27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-3989", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42941/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/973527", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.