what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2017-2836-01

Posted Oct 3, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2836-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.

tags | advisory, overflow, arbitrary, local

systems | linux, redhat

advisories | CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496

SHA-256 | 40f38afa9a7156950ba15636b6a23e5643072a5975f5c5d66d3df49b270e25fd

Download | Favorite | View

Related Files

No related files