Thekelleys

Dnsmasq

37 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-14513

Exploit
  • EPSS 0.05%
  • Published 01.08.2019 21:15:12
  • Last modified 21.11.2024 04:26:52

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.

7.5

CVE-2017-15107

  • EPSS 0.03%
  • Published 23.01.2018 16:29:00
  • Last modified 21.11.2024 03:14:05

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

9.8

CVE-2017-14491

Exploit
  • EPSS 60.19%
  • Published 04.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

9.8

CVE-2017-14492

  • EPSS 92.64%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

9.8

CVE-2017-14493

Exploit
  • EPSS 5.62%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

5.9

CVE-2017-14494

  • EPSS 15.41%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

7.5

CVE-2017-14495

  • EPSS 60.15%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

7.8

CVE-2017-14496

  • EPSS 15.74%
  • Published 03.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

7.5

CVE-2017-13704

  • EPSS 81.76%
  • Published 03.10.2017 01:29:01
  • Last modified 20.04.2025 01:37:25

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platf...

7.5

CVE-2015-8899

  • EPSS 0.08%
  • Published 30.06.2016 17:59:00
  • Last modified 12.04.2025 10:46:40

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.