what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2020-25682

Status Candidate

Overview

A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Related Files

Debian Security Advisory 4844-1
Posted Feb 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4844-1 - Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687
SHA-256 | e8796fb0d51a874f14fa08f40ef54df04e7a41a8ec5691ce2db533b0966e1ebf
Red Hat Security Advisory 2021-0281-01
Posted Feb 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0281-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14382, CVE-2020-2304, CVE-2020-2305, CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, CVE-2020-25694, CVE-2020-25696, CVE-2020-8559, CVE-2020-8564, CVE-2021-20182
SHA-256 | dbb2906dd388b0ae05e96eb75aa85f2757386ed1012ef745eb72036c24c8f74c
Gentoo Linux Security Advisory 202101-17
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-17 - Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.83 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687
SHA-256 | d74f76a7c852d4e7f3291ec2d0874f62ca39a4044f320676208797e0e34e79a6
Red Hat Security Advisory 2021-0151-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0151-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687
SHA-256 | 5cacb245ded9cb0275435d6d03ed5404c38a386848e0aebb23e203773a840c87
Red Hat Security Advisory 2021-0152-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0152-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687
SHA-256 | 9b59a676f7ab63b37837fc8aca08d6a1fcfb43fdce5b00d2ab7a4fb5581caad6
Red Hat Security Advisory 2021-0150-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0150-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687
SHA-256 | edf41284ec526e49fbfc0b6cad88932a74ce20dec21784a5789b3eaf7d4ba150
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close