Product:

Dnsmasq

(Thekelleys)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 36
Date Id Summary Products Score Patch Annotated
2015-05-08 CVE-2015-3294 The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request. Solaris, Dnsmasq N/A
2016-06-30 CVE-2015-8899 Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. Ubuntu_linux, Dnsmasq 7.5
2017-10-04 CVE-2017-14491 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Eos, Arubaos, Ubuntu_linux, Debian_linux, Honor_v9_play_firmware, Geforce_experience, Linux_for_tegra, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Ruggedcom_rm1224_firmware, Scalance_m\-800_firmware, Scalance_s615_firmware, Scalance_w1750d_firmware, Linux_enterprise_debuginfo, Linux_enterprise_point_of_sale, Linux_enterprise_server, Diskstation_manager, Router_manager, Dnsmasq 9.8
2017-10-03 CVE-2017-14492 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Ubuntu_linux, Debian_linux, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Dnsmasq 9.8
2017-10-03 CVE-2017-14496 Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Ubuntu_linux, Debian_linux, Android, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Dnsmasq 7.5
2017-10-03 CVE-2017-14493 Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Ubuntu_linux, Debian_linux, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Dnsmasq 9.8
2017-10-03 CVE-2017-14494 dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Ubuntu_linux, Debian_linux, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Dnsmasq 5.9
2017-10-03 CVE-2017-14495 Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Ubuntu_linux, Debian_linux, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Dnsmasq 7.5
2017-10-03 CVE-2017-13704 In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Ubuntu_linux, Debian_linux, Fedora, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Dnsmasq 7.5
2021-01-20 CVE-2020-25683 A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in... Debian_linux, Fedora, Dnsmasq 5.9