Thekelleys

Dnsmasq

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 86.04%
  • Veröffentlicht 20.01.2021 16:15:14
  • Zuletzt bearbeitet 04.11.2025 20:15:57

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw ...

  • EPSS 2.66%
  • Veröffentlicht 07.01.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:27:27

A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.

Exploit
  • EPSS 1.71%
  • Veröffentlicht 01.08.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:26:52

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.

  • EPSS 2.65%
  • Veröffentlicht 23.01.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:05

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Exploit
  • EPSS 84.93%
  • Veröffentlicht 04.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Exploit
  • EPSS 83.64%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

  • EPSS 93.31%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

  • EPSS 67.55%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

  • EPSS 84.32%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

  • EPSS 66.35%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.