Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2013:072 | First vendor Publication | 2013-04-08 |
Vendor | Mandriva | Last vendor Modification | 2013-04-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Updated dnsmasq packages fix security vulnerabilities: When dnsmasq before 2.63 is used in conjunctions with certain configurations of libvirtd, network packets from prohibited networks (e.g. packets that should not be passed in) may be sent to the dnsmasq application and processed. This can result in DNS amplification attacks for example (CVE-2012-3411). This update adds a new option --bind-dynamic which is immune to this problem. Updated dnsmasq packages fix security vulnerabilities (CVE-2013-0198): This update completes the fix for CVE-2012-3411 provided with dnsmasq-2.63. It was found that after the upstream patch for CVE-2012-3411 issue was applied, dnsmasq still: - replied to remote TCP-protocol based DNS queries (UDP protocol ones were corrected, but TCP ones not) from prohibited networks, when the --bind-dynamic option was used, - when --except-interface lo option was used dnsmasq didn't answer local or remote UDP DNS queries, but still allowed TCP protocol based DNS queries, - when --except-interface lo option was not used local / remote TCP DNS queries were also still answered by dnsmasq. This update fix these three cases. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20912 | |||
Oval ID: | oval:org.mitre.oval:def:20912 | ||
Title: | RHSA-2013:0277: dnsmasq security, bug fix and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0277-02 CESA-2013:0277 CVE-2012-3411 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | dnsmasq |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21113 | |||
Oval ID: | oval:org.mitre.oval:def:21113 | ||
Title: | RHSA-2013:0276: libvirt security, bug fix, and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0276-02 CESA-2013:0276 CVE-2012-3411 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | libvirt |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23819 | |||
Oval ID: | oval:org.mitre.oval:def:23819 | ||
Title: | ELSA-2013:0276: libvirt security, bug fix, and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0276-02 CVE-2012-3411 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | libvirt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24085 | |||
Oval ID: | oval:org.mitre.oval:def:24085 | ||
Title: | ELSA-2013:0277: dnsmasq security, bug fix and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0277-02 CVE-2012-3411 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | dnsmasq |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27544 | |||
Oval ID: | oval:org.mitre.oval:def:27544 | ||
Title: | DEPRECATED: ELSA-2013-0277 -- dnsmasq security, bug fix and enhancement update (moderate) | ||
Description: | [2.48-13] - Fix the DHCP RELEASE problem when two or more dnsmasq instances are running (rhbz#887156) [2.48-12] - Fixing initscript restart stop functions (rhbz#850944) [2.48-11] - Revert previous changes because of many problems with --bind-dynamic option backport. - Dropping dnsmasq-2.48-add-bind-dynamic-option.patch - Set SO_BINDTODEVICE socket option when using --bind-interfaces (rhbz#884957) [2.48-10] - Fixed dnsmasq-2.48-add-bind-dynamic-option.patch - the option --bind-dynamic was not set correctly when used [2.48-9] - Added cc flag -fno-strict-aliasing to solve Testsuite regressions [2.48-8] - Fix CVE-2012-3411 (rhbz#882251) [2.48-7] - Fix lease-change script (rhbz#815819) - Check tftp-root exists and is accessible at startup (rhbz#824214) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0277 CVE-2012-3411 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | dnsmasq |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27553 | |||
Oval ID: | oval:org.mitre.oval:def:27553 | ||
Title: | DEPRECATED: ELSA-2013-0276 -- libvirt security, bug fix, and enhancement update (moderate) | ||
Description: | [libvirt-0.10.2-18.0.1.el6] - Replace docs/et.png in tarball with blank image [0.10.2-18] - rpc: Fix crash on error paths of message dispatching (CVE-2013-0170) - spec: Disable libssh2 support (rhbz#513363) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0276 CVE-2012-3411 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | libvirt |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-09-17 | Name : Fedora Update for dnsmasq FEDORA-2012-12598 File : nvt/gb_fedora_2012_12598_dnsmasq_fc17.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-12-22 | Name : The remote DNS / DHCP service is affected by a denial of service vulnerability. File : dnsmasq_dos-CVE-2013-0198.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote DNS / DHCP service is affected by a denial of service vulnerability. File : dnsmasq_dos-CVE-2012-3411.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0579.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-24.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-161.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0276.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0277.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-072.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0277.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0276.nasl - Type : ACT_GATHER_INFO |
2013-03-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_dnsmasq_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-03-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_libvirt_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0276.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0277.nasl - Type : ACT_GATHER_INFO |
2013-02-19 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1320.nasl - Type : ACT_GATHER_INFO |
2013-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1357.nasl - Type : ACT_GATHER_INFO |
2013-01-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-20531.nasl - Type : ACT_GATHER_INFO |
2012-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-20577.nasl - Type : ACT_GATHER_INFO |
2012-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-12598.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:43:30 |
|
2013-04-09 00:18:17 |
|