Lucene search

[email protected]CVE-2008-3214

HistoryJul 18, 2008 - 4:41 p.m.

CVE-2008-3214

2008-07-1816:41:00

CWE-20

[email protected]

web.nvd.nist.gov

cve

2008

3214

dnsmasq

denial of service

remote attackers

dhcp

nak

daemon crash

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

Low

0.048 Low

EPSS

Percentile

92.8%

JSON

dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.

Affected configurations

NVD

Node

thekelleysdnsmasqMatch2.25

CPENameOperatorVersion
thekelleys:dnsmasqthekelleys dnsmasqeq2.25

CPE	Name	Operator	Version
thekelleys:dnsmasq	thekelleys dnsmasq	eq	2.25

References

freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681

www.openwall.com/lists/oss-security/2008/06/30/7

www.openwall.com/lists/oss-security/2008/07/01/8

www.openwall.com/lists/oss-security/2008/07/02/4

www.openwall.com/lists/oss-security/2008/07/03/4

www.openwall.com/lists/oss-security/2008/07/08/8

www.openwall.com/lists/oss-security/2008/07/12/3

www.thekelleys.org.uk/dnsmasq/CHANGELOG

bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438

exchange.xforce.ibmcloud.com/vulnerabilities/43929

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

Low

0.048 Low

EPSS

Percentile

92.8%

JSON

Related for CVE-2008-3214

redhatcve2 debiancve2 nessus1 prion2 nvd2 ubuntucve2 openvas1 cvelist2 cve1