Executive Summary
Summary | |
---|---|
Title | dnsmasq regression update |
Information | |||
---|---|---|---|
Name | DSA-3251 | First vendor Publication | 2015-05-05 |
Vendor | Debian | Last vendor Modification | 2015-05-07 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.4 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
The update for dnsmasq issued as DSA-3251-1 introduced a regression for the armel and armhf builds, causing dnsmasq to fail to start under certain configurations. Updated packages are now available to address this regression. Additionally, dnsmasq was patched to handle the case where the libc headers define SO_REUSEPORT but it is not supported by the running kernel. For reference, the original advisory text follows. Nick Sampanis discovered that dnsmasq, a small caching DNS proxy and DHCP/TFTP server, did not properly check the return value of the setup_reply() function called during a TCP connection, which is then used as a size argument in a function which writes data on the client's connection. A remote attacker could exploit this issue via a specially crafted DNS request to cause dnsmasq to crash, or potentially to obtain sensitive information from process memory. For the oldstable distribution (wheezy), this problem has been fixed in version 2.62-3+deb7u3. We recommend that you upgrade your dnsmasq packages. |
Original Source
Url : http://www.debian.org/security/2015/dsa-3251 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-19 | Data Handling |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:29242 | |||
Oval ID: | oval:org.mitre.oval:def:29242 | ||
Title: | SUSE-SU-2015:0979-1 -- Security update for dnsmasq (moderate) | ||
Description: | The DNS server dnsmasq was updated to fix one security issue and one non-security bug. The following vulnerability was fixed: * CVE-2015-3294: A remote unauthenticated attacker could have caused a denial of service (DoS) or read heap memory, potentially disclosing information such as performed DNS queries or encryption keys. (bsc#928867) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2015:0979-1 CVE-2015-3294 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 | Product(s): | dnsmasq |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-10-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2616-1.nasl - Type : ACT_GATHER_INFO |
2017-10-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2617-1.nasl - Type : ACT_GATHER_INFO |
2017-10-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-2619-1.nasl - Type : ACT_GATHER_INFO |
2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2016-1044.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote DNS / DHCP service is affected by an information disclosure vulner... File : dnsmasq_dos-CVE-2015-3294.nasl - Type : ACT_GATHER_INFO |
2015-12-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201512-01.nasl - Type : ACT_GATHER_INFO |
2015-06-10 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1015-1.nasl - Type : ACT_GATHER_INFO |
2015-06-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0979-1.nasl - Type : ACT_GATHER_INFO |
2015-05-26 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_37569eb7012511e59d98080027ef73ec.nasl - Type : ACT_GATHER_INFO |
2015-05-21 | Name : The remote Debian host is missing a security update. File : debian_DLA-225.nasl - Type : ACT_GATHER_INFO |
2015-05-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-359.nasl - Type : ACT_GATHER_INFO |
2015-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3251.nasl - Type : ACT_GATHER_INFO |
2015-05-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2593-1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2015-05-11 21:29:12 | |
2015-05-08 21:29:17 | |
2015-05-08 00:24:21 | |
2015-05-07 13:26:19 | |
2015-05-05 21:24:58 | |