what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2017-14491

Status Candidate

Overview

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Related Files

Ubuntu Security Notice USN-3430-3
Posted Jan 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3430-3 - USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
SHA-256 | ee378bb57645a2d84370aab4dc638233e21bb225bd62f15b9bfc37f646a1ded4
Gentoo Linux Security Advisory 201710-27
Posted Oct 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-27 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.78 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
SHA-256 | 38689f62169ad9727d20db758cda09ebd860a0cf445ff581a92ce63c5f6b096a
Ubuntu Security Notice USN-3430-2
Posted Oct 3, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3430-2 - USN-3430-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 12.04 ESM. A Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher A discovered that Dnsmasq incorrectly handled DNS requests. A remote A attacker could use this issue to cause Dnsmasq to crash, resulting in A a denial of service, or possibly execute arbitrary code.A A Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
SHA-256 | af47e78fbed8bea2d0e91ae18d941fe35ccaff045fd6e05faf0764d15c245741
Red Hat Security Advisory 2017-2836-01
Posted Oct 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2836-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
SHA-256 | 40f38afa9a7156950ba15636b6a23e5643072a5975f5c5d66d3df49b270e25fd
Red Hat Security Advisory 2017-2839-01
Posted Oct 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2839-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2017-14491
SHA-256 | 9301e5e527415a2079a3e5a2d51158d08cb1acf07b4b31123d7e9edf847b15b6
Red Hat Security Advisory 2017-2838-01
Posted Oct 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2838-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2017-14491
SHA-256 | 419b8334960678d4d5bd2530706ac6c176749a1ab7380d444363dc8317e67b4b
Dnsmasq 2-Byte Heap-Based Overflow
Posted Oct 2, 2017
Authored by Google Security Research

Dnsmasq versions prior to 2.78 suffer from a 2-byte heap-based overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-14491
SHA-256 | 055805c64fac47383be8dcb205cabe37b909202765ae70c0b6a566982e7e3d90
Ubuntu Security Notice USN-3430-1
Posted Oct 2, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3430-1 - Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled IPv6 router advertisements. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496
SHA-256 | 3dad4acf0720be09289a42b685e45cc126f0c1cade57b137c68ab5283ae43c49
Red Hat Security Advisory 2017-2837-01
Posted Oct 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2837-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494
SHA-256 | 90869c50cad4aa9014f75fd6b9307d81979a791208e043f504a417a1e7001350
Red Hat Security Advisory 2017-2840-01
Posted Oct 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2840-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2017-14491
SHA-256 | 0137f5aa40bb8ee22574ae9e460c91b1a00114d3dfa61f0affa468b3d299df6d
Red Hat Security Advisory 2017-2841-01
Posted Oct 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2841-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2017-14491
SHA-256 | c4769c7be0ede11eeaa6232c34d7ba5f2d2503a11126f5b50a21044c09cb0e4d
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close