dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)
2018-01-18T00:00:00
ID DNSMASQ_2_76.NASL Type nessus Reporter Tenable Modified 2018-07-11T00:00:00
Description
The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(106138);
script_version("1.4");
script_cvs_date("Date: 2018/07/11 12:34:08");
script_cve_id("CVE-2015-8899");
script_bugtraq_id(91031);
script_name(english:"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)");
script_summary(english:"Checks the version of dnsmasq");
script_set_attribute(attribute:"synopsis", value:"The remote DNS / DHCP service is affected by a denial of service vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of dnsmasq installed on the remote host is at least 2.73
and prior to 2.76, and thus, is affected by a denial of service
vulnerability when handling a reply that a given name is empty while
the A or AAAA record is defined locally and in a hosts file.");
script_set_attribute(attribute:"see_also", value:"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG");
# http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1481bb05");
script_set_attribute(attribute:"solution", value:"Upgrade to dnsmasq 2.76 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/04/18");
script_set_attribute(attribute:"patch_publication_date", value:"2014/11/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/18");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:thekelleys:dnsmasq");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018 Tenable Network Security, Inc.");
script_family(english:"DNS");
script_dependencie("dns_version.nasl");
script_require_keys("dns_server/version", "Settings/ParanoidReport");
script_require_ports("Services/dns", 53);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
app_name = "dnsmasq";
port = get_kb_item("Services/udp/dns");
if (!port) port = 53;
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# dnsmasq replies to BIND.VERSION
version = get_kb_item_or_exit("dns_server/version");
version = tolower(version);
display_version = version;
if (version !~ "dnsmasq-(v)?")
audit(AUDIT_NOT_LISTEN, app_name, port);
version = ereg_replace(pattern:"^dnsmasq-(v)?(.*)$", replace:"\2", string:version);
if (version == '2')
audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);
# vuln introduced in 2.73, fixed in 2.76
if (version =~ "^2\.7[345]($|[^0-9])")
{
report = '\n' +
'\n Installed version : ' + display_version +
'\n Fixed version : dnsmasq-2.76' +
'\n';
security_report_v4(port:53, proto:"udp", severity:SECURITY_WARNING, extra:report);
}
else audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');
{"id": "DNSMASQ_2_76.NASL", "bulletinFamily": "scanner", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "description": "The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.", "published": "2018-01-18T00:00:00", "modified": "2018-07-11T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "reporter": "Tenable", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "cvelist": ["CVE-2015-8899"], "type": "nessus", "lastseen": "2019-02-21T01:35:47", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "cvelist": ["CVE-2015-8899"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "71e13d64c07f700c185c4c027a18e070cdda142fc7740d734c1f862335976445", "hashmap": [{"hash": "1f78520ae035768d5eca5cb100592e87", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12ee7030859463b0931e9af40f1c614f", "key": "pluginID"}, {"hash": "05ae6e0607ccae4b108f1be9d3e57b3a", "key": "cpe"}, {"hash": "e3da22819dd9cc8296d561d46b4d725a", "key": "modified"}, {"hash": "a95d81254fc6d44e7ccdecef873ef421", "key": "cvelist"}, {"hash": "62e79439ae1101a3d361fe741ffcca6a", "key": "description"}, {"hash": "afd99fd4ff1535a7ea43a31497e2025d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f06c028fbadb083feb06b8504a30111c", "key": "title"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5016f417de66a4523d7b61a6976ae3a3", "key": "href"}, {"hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "id": "DNSMASQ_2_76.NASL", "lastseen": "2018-07-12T17:28:47", "modified": "2018-07-11T00:00:00", "naslFamily": "DNS", "objectVersion": "1.3", "pluginID": "106138", "published": "2018-01-18T00:00:00", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/11 12:34:08\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-12T17:28:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "cvelist": ["CVE-2015-8899"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2b7339101d264030d35afec230f7fb5d4cd0c768fcb112d39fd482c0b16fe52b", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12ee7030859463b0931e9af40f1c614f", "key": "pluginID"}, {"hash": "05ae6e0607ccae4b108f1be9d3e57b3a", "key": "cpe"}, {"hash": "7df40c78af534df5b62b933748dfb7c5", "key": "sourceData"}, {"hash": "a95d81254fc6d44e7ccdecef873ef421", "key": "cvelist"}, {"hash": "62e79439ae1101a3d361fe741ffcca6a", "key": "description"}, {"hash": "afd99fd4ff1535a7ea43a31497e2025d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8acef1c33f73aafdb7cffe84eda8c2b1", "key": "modified"}, {"hash": "f06c028fbadb083feb06b8504a30111c", "key": "title"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5016f417de66a4523d7b61a6976ae3a3", "key": "href"}, {"hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "id": "DNSMASQ_2_76.NASL", "lastseen": "2018-01-19T22:52:58", "modified": "2018-01-19T00:00:00", "naslFamily": "DNS", "objectVersion": "1.3", "pluginID": "106138", "published": "2018-01-18T00:00:00", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2018/01/19 14:26:48 $\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_osvdb_id(139503);\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2018-01-19T22:52:58"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "cvelist": ["CVE-2015-8899"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "feb2f4ab13c2acfff426f41bdd275254739ce5a84f994a743ab7cf918772b882", "hashmap": [{"hash": "1f78520ae035768d5eca5cb100592e87", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12ee7030859463b0931e9af40f1c614f", "key": "pluginID"}, {"hash": "05ae6e0607ccae4b108f1be9d3e57b3a", "key": "cpe"}, {"hash": "e3da22819dd9cc8296d561d46b4d725a", "key": "modified"}, {"hash": "a95d81254fc6d44e7ccdecef873ef421", "key": "cvelist"}, {"hash": "62e79439ae1101a3d361fe741ffcca6a", "key": "description"}, {"hash": "afd99fd4ff1535a7ea43a31497e2025d", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f06c028fbadb083feb06b8504a30111c", "key": "title"}, {"hash": "5016f417de66a4523d7b61a6976ae3a3", "key": "href"}, {"hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "id": "DNSMASQ_2_76.NASL", "lastseen": "2018-08-30T19:29:40", "modified": "2018-07-11T00:00:00", "naslFamily": "DNS", "objectVersion": "1.3", "pluginID": "106138", "published": "2018-01-18T00:00:00", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/11 12:34:08\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:29:40"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "cvelist": ["CVE-2015-8899"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:31:44", "references": [{"idList": ["FEDORA_2016-DA2F9C22B4.NASL", "PHOTONOS_PHSA-2016-0012_DNSMASQ.NASL", "SUSE_SU-2016-3269-1.NASL", "FREEBSD_PKG_875E4CF83F0E11E6B3C814DAE9D210B8.NASL", "SUSE_SU-2017-2617-1.NASL", "UBUNTU_USN-3009-1.NASL", "SUSE_SU-2016-3199-1.NASL", "OPENSUSE-2017-10.NASL", "FEDORA_2016-6DB1C9EB69.NASL", "SUSE_SU-2017-2619-1.NASL"], "type": "nessus"}, {"idList": ["CVE-2015-8899"], "type": "cve"}, {"idList": ["USN-3009-1"], "type": "ubuntu"}, {"idList": ["SUSE-SU-2016:3199-1", "SUSE-SU-2016:3257-1", "SUSE-SU-2016:3269-1", "OPENSUSE-SU-2017:0016-1", "SUSE-SU-2017:2616-1", "SUSE-SU-2017:2617-1", "SUSE-SU-2017:2619-1"], "type": "suse"}, {"idList": ["875E4CF8-3F0E-11E6-B3C8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["OPENVAS:1361412562310808769", "OPENVAS:1361412562310808950", "OPENVAS:1361412562310842799", "OPENVAS:1361412562310106095", "OPENVAS:1361412562310851464"], "type": "openvas"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "4da6b70ba2ff7d8b565767541dacad99825d6b8d1dbc1ce2217a08cb32d93a02", "hashmap": [{"hash": "1f78520ae035768d5eca5cb100592e87", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12ee7030859463b0931e9af40f1c614f", "key": "pluginID"}, {"hash": "05ae6e0607ccae4b108f1be9d3e57b3a", "key": "cpe"}, {"hash": "e3da22819dd9cc8296d561d46b4d725a", "key": "modified"}, {"hash": "a95d81254fc6d44e7ccdecef873ef421", "key": "cvelist"}, {"hash": "afd99fd4ff1535a7ea43a31497e2025d", "key": "references"}, {"hash": "e6720624b513509d7979f58c9407e0a8", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f06c028fbadb083feb06b8504a30111c", "key": "title"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5016f417de66a4523d7b61a6976ae3a3", "key": "href"}, {"hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "id": "DNSMASQ_2_76.NASL", "lastseen": "2019-01-16T20:31:44", "modified": "2018-07-11T00:00:00", "naslFamily": "DNS", "objectVersion": "1.3", "pluginID": "106138", "published": "2018-01-18T00:00:00", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/11 12:34:08\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:31:44"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "cvelist": ["CVE-2015-8899"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.", "edition": 1, "enchantments": {"score": {"modified": "2018-01-19T03:02:43", "value": null}}, "hash": "e5d2a842f176e91869405e573164471c7af04c238c4d3b9ab8fecac97db5df2a", "hashmap": [{"hash": "fccd9dc3542bce95fb1c9aa0b8f3328b", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12ee7030859463b0931e9af40f1c614f", "key": "pluginID"}, {"hash": "05ae6e0607ccae4b108f1be9d3e57b3a", "key": "cpe"}, {"hash": "a95d81254fc6d44e7ccdecef873ef421", "key": "cvelist"}, {"hash": "62e79439ae1101a3d361fe741ffcca6a", "key": "description"}, {"hash": "afd99fd4ff1535a7ea43a31497e2025d", "key": "references"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f06c028fbadb083feb06b8504a30111c", "key": "title"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5016f417de66a4523d7b61a6976ae3a3", "key": "href"}, {"hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "id": "DNSMASQ_2_76.NASL", "lastseen": "2018-01-19T03:02:43", "modified": "2018-01-18T00:00:00", "naslFamily": "DNS", "objectVersion": "1.3", "pluginID": "106138", "published": "2018-01-18T00:00:00", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2018/01/18 18:05:38 $\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_osvdb_id(139503);\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2018-01-19T03:02:43"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "cvelist": ["CVE-2015-8899"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "The version of dnsmasq installed on the remote host is at least 2.73 and prior to 2.76, and thus, is affected by a denial of service vulnerability when handling a reply that a given name is empty while the A or AAAA record is defined locally and in a hosts file.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "71e13d64c07f700c185c4c027a18e070cdda142fc7740d734c1f862335976445", "hashmap": [{"hash": "1f78520ae035768d5eca5cb100592e87", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12ee7030859463b0931e9af40f1c614f", "key": "pluginID"}, {"hash": "05ae6e0607ccae4b108f1be9d3e57b3a", "key": "cpe"}, {"hash": "e3da22819dd9cc8296d561d46b4d725a", "key": "modified"}, {"hash": "a95d81254fc6d44e7ccdecef873ef421", "key": "cvelist"}, {"hash": "62e79439ae1101a3d361fe741ffcca6a", "key": "description"}, {"hash": "afd99fd4ff1535a7ea43a31497e2025d", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "published"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "f06c028fbadb083feb06b8504a30111c", "key": "title"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "5016f417de66a4523d7b61a6976ae3a3", "key": "href"}, {"hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=106138", "id": "DNSMASQ_2_76.NASL", "lastseen": "2018-09-01T23:32:42", "modified": "2018-07-11T00:00:00", "naslFamily": "DNS", "objectVersion": "1.3", "pluginID": "106138", "published": "2018-01-18T00:00:00", "references": ["http://www.nessus.org/u?1481bb05", "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/11 12:34:08\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "title": "dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-01T23:32:42"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "05ae6e0607ccae4b108f1be9d3e57b3a"}, {"key": "cvelist", "hash": "a95d81254fc6d44e7ccdecef873ef421"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "62e79439ae1101a3d361fe741ffcca6a"}, {"key": "href", "hash": "5016f417de66a4523d7b61a6976ae3a3"}, {"key": "modified", "hash": "e3da22819dd9cc8296d561d46b4d725a"}, {"key": "naslFamily", "hash": "ed5f2bdecbd4bd349d09412d1ff6a6fb"}, {"key": "pluginID", "hash": "12ee7030859463b0931e9af40f1c614f"}, {"key": "published", "hash": "2bd1a888d4d32830ca7e123d42f56c1e"}, {"key": "references", "hash": "afd99fd4ff1535a7ea43a31497e2025d"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "1f78520ae035768d5eca5cb100592e87"}, {"key": "title", "hash": "f06c028fbadb083feb06b8504a30111c"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "71e13d64c07f700c185c4c027a18e070cdda142fc7740d734c1f862335976445", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-8899"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851464", "OPENVAS:1361412562310808769", "OPENVAS:1361412562310842799", "OPENVAS:1361412562310106095", "OPENVAS:1361412562310808950"]}, {"type": "nessus", "idList": ["OPENSUSE-2017-10.NASL", "FEDORA_2016-DA2F9C22B4.NASL", "FREEBSD_PKG_875E4CF83F0E11E6B3C814DAE9D210B8.NASL", "SUSE_SU-2016-3199-1.NASL", "PHOTONOS_PHSA-2016-0012_DNSMASQ.NASL", "SUSE_SU-2016-3269-1.NASL", "UBUNTU_USN-3009-1.NASL", "FEDORA_2016-6DB1C9EB69.NASL", "SUSE_SU-2017-2617-1.NASL", "SUSE_SU-2017-2619-1.NASL"]}, {"type": "suse", "idList": ["SUSE-SU-2016:3257-1", "SUSE-SU-2016:3199-1", "OPENSUSE-SU-2017:0016-1", "SUSE-SU-2016:3269-1", "SUSE-SU-2017:2616-1", "SUSE-SU-2017:2619-1", "SUSE-SU-2017:2617-1"]}, {"type": "freebsd", "idList": ["875E4CF8-3F0E-11E6-B3C8-14DAE9D210B8"]}, {"type": "ubuntu", "idList": ["USN-3009-1"]}], "modified": "2019-02-21T01:35:47"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106138);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/11 12:34:08\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_bugtraq_id(91031);\n\n script_name(english:\"dnsmasq < 2.76 Empty Address Denial of Service (CVE-2015-8899)\");\n script_summary(english:\"Checks the version of dnsmasq\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote DNS / DHCP service is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dnsmasq installed on the remote host is at least 2.73\nand prior to 2.76, and thus, is affected by a denial of service\nvulnerability when handling a reply that a given name is empty while\nthe A or AAAA record is defined locally and in a hosts file.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1481bb05\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to dnsmasq 2.76 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:thekelleys:dnsmasq\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n\n script_dependencie(\"dns_version.nasl\");\n script_require_keys(\"dns_server/version\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/dns\", 53);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"dnsmasq\";\n\nport = get_kb_item(\"Services/udp/dns\");\nif (!port) port = 53;\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# dnsmasq replies to BIND.VERSION\nversion = get_kb_item_or_exit(\"dns_server/version\");\nversion = tolower(version);\ndisplay_version = version;\n\nif (version !~ \"dnsmasq-(v)?\")\n audit(AUDIT_NOT_LISTEN, app_name, port);\n\nversion = ereg_replace(pattern:\"^dnsmasq-(v)?(.*)$\", replace:\"\\2\", string:version);\n\nif (version == '2')\n audit(AUDIT_VER_NOT_GRANULAR, app_name, port, display_version);\n\n# vuln introduced in 2.73, fixed in 2.76\nif (version =~ \"^2\\.7[345]($|[^0-9])\")\n{\n report = '\\n' +\n '\\n Installed version : ' + display_version +\n '\\n Fixed version : dnsmasq-2.76' +\n '\\n';\n security_report_v4(port:53, proto:\"udp\", severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version, 'udp');\n", "naslFamily": "DNS", "pluginID": "106138", "cpe": ["cpe:/a:thekelleys:dnsmasq"], "scheme": null}
{"cve": [{"lastseen": "2017-04-18T15:58:51", "bulletinFamily": "NVD", "description": "Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.", "modified": "2016-11-28T14:50:12", "published": "2016-06-30T13:59:00", "id": "CVE-2015-8899", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899", "type": "cve", "title": "CVE-2015-8899", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:28:54", "bulletinFamily": "scanner", "description": "This update for dnsmasq fixes the following issues :\n\n - CVE-2015-8899: Denial of service between local and remote dns entries (bsc#983273)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-30T00:00:00", "id": "SUSE_SU-2016-3269-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96141", "published": "2016-12-27T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2016:3269-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:3269-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96141);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/30 10:54:50\");\n\n script_cve_id(\"CVE-2015-8899\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2016:3269-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for dnsmasq fixes the following issues :\n\n - CVE-2015-8899: Denial of service between local and\n remote dns entries (bsc#983273)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=983273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8899/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20163269-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b45bdce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2016-1912=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2016-1912=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2016-1912=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1912=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2016-1912=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1912=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"dnsmasq-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"dnsmasq-debuginfo-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"dnsmasq-debugsource-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"dnsmasq-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"dnsmasq-debuginfo-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"dnsmasq-debugsource-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"dnsmasq-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"dnsmasq-debuginfo-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"dnsmasq-debugsource-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"dnsmasq-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"dnsmasq-debuginfo-2.71-13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"dnsmasq-debugsource-2.71-13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:27:27", "bulletinFamily": "scanner", "description": "Security update.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-DA2F9C22B4.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=92393", "published": "2016-07-19T00:00:00", "title": "Fedora 24 : dnsmasq (2016-da2f9c22b4)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-da2f9c22b4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92393);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2016/10/18 17:03:07 $\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_xref(name:\"FEDORA\", value:\"2016-da2f9c22b4\");\n\n script_name(english:\"Fedora 24 : dnsmasq (2016-da2f9c22b4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security update.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-da2f9c22b4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dnsmasq package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"dnsmasq-2.76-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:28:58", "bulletinFamily": "scanner", "description": "This update for dnsmasq fixes the following issues :\n\n - CVE-2015-8899: Denial of service between local and remote dns entries (bsc#983273)\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update project.", "modified": "2017-01-04T00:00:00", "id": "OPENSUSE-2017-10.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96277", "published": "2017-01-04T00:00:00", "title": "openSUSE Security Update : dnsmasq (openSUSE-2017-10)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-10.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96277);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/01/04 15:13:58 $\");\n\n script_cve_id(\"CVE-2015-8899\");\n\n script_name(english:\"openSUSE Security Update : dnsmasq (openSUSE-2017-10)\");\n script_summary(english:\"Check for the openSUSE-2017-10 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for dnsmasq fixes the following issues :\n\n - CVE-2015-8899: Denial of service between local and\n remote dns entries (bsc#983273)\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983273\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dnsmasq packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dnsmasq-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dnsmasq-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dnsmasq-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dnsmasq-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1|SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1 / 42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"dnsmasq-2.71-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"dnsmasq-debuginfo-2.71-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"dnsmasq-debugsource-2.71-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"dnsmasq-utils-2.71-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"dnsmasq-utils-debuginfo-2.71-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"dnsmasq-2.71-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"dnsmasq-debuginfo-2.71-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"dnsmasq-debugsource-2.71-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"dnsmasq-utils-2.71-8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"dnsmasq-utils-debuginfo-2.71-8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq / dnsmasq-debuginfo / dnsmasq-debugsource / dnsmasq-utils / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:27:14", "bulletinFamily": "scanner", "description": "Edwin Torok discovered that Dnsmasq incorrectly handled certain CNAME responses. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-3009-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91725", "published": "2016-06-21T00:00:00", "title": "Ubuntu 15.10 / 16.04 LTS : dnsmasq vulnerability (USN-3009-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3009-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91725);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:40\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_xref(name:\"USN\", value:\"3009-1\");\n\n script_name(english:\"Ubuntu 15.10 / 16.04 LTS : dnsmasq vulnerability (USN-3009-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Edwin Torok discovered that Dnsmasq incorrectly handled certain\nCNAME responses. A remote attacker could use this issue to cause\nDnsmasq to crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3009-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected dnsmasq, dnsmasq-base and / or dnsmasq-utils\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsmasq-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dnsmasq-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(15\\.10|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"dnsmasq\", pkgver:\"2.75-1ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"dnsmasq-base\", pkgver:\"2.75-1ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"dnsmasq-utils\", pkgver:\"2.75-1ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"dnsmasq\", pkgver:\"2.75-1ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"dnsmasq-base\", pkgver:\"2.75-1ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"dnsmasq-utils\", pkgver:\"2.75-1ubuntu0.16.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq / dnsmasq-base / dnsmasq-utils\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-08T12:51:50", "bulletinFamily": "scanner", "description": "An update of the dnsmasq package has been released.", "modified": "2019-02-07T00:00:00", "published": "2019-02-07T00:00:00", "id": "PHOTONOS_PHSA-2016-0012_DNSMASQ.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=121647", "title": "Photon OS 1.0: Dnsmasq PHSA-2016-0012", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.`\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2016-0012. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121647);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/02/07 18:14:47\");\n\n script_cve_id(\"CVE-2015-8899\");\n\n script_name(english:\"Photon OS 1.0: Dnsmasq PHSA-2016-0012\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the dnsmasq package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-12.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9555\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"dnsmasq-2.76-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"dnsmasq-debuginfo-2.76-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:28:50", "bulletinFamily": "scanner", "description": "This update for dnsmasq fixes the following issues :\n\n - CVE-2015-8899: Denial of service between local and remote dns entries (bsc#983273)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-30T00:00:00", "id": "SUSE_SU-2016-3199-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95990", "published": "2016-12-21T00:00:00", "title": "SUSE SLES11 Security Update : dnsmasq (SUSE-SU-2016:3199-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:3199-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95990);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/30 10:54:50\");\n\n script_cve_id(\"CVE-2015-8899\");\n\n script_name(english:\"SUSE SLES11 Security Update : dnsmasq (SUSE-SU-2016:3199-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for dnsmasq fixes the following issues :\n\n - CVE-2015-8899: Denial of service between local and\n remote dns entries (bsc#983273)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=983273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8899/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20163199-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36c8380a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-dnsmasq-12899=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-dnsmasq-12899=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"dnsmasq-2.71-0.16.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:27:19", "bulletinFamily": "scanner", "description": "reports :\n\nDnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.", "modified": "2018-11-21T00:00:00", "id": "FREEBSD_PKG_875E4CF83F0E11E6B3C814DAE9D210B8.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91910", "published": "2016-07-01T00:00:00", "title": "FreeBSD : dnsmasq -- denial of service (875e4cf8-3f0e-11e6-b3c8-14dae9d210b8)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91910);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/11/21 10:46:31\");\n\n script_cve_id(\"CVE-2015-8899\");\n\n script_name(english:\"FreeBSD : dnsmasq -- denial of service (875e4cf8-3f0e-11e6-b3c8-14dae9d210b8)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"reports :\n\nDnsmasq before 2.76 allows remote servers to cause a denial of service\n(crash) via a reply with an empty DNS address that has an (1) A or (2)\nAAAA record defined locally.\"\n );\n # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1481bb05\"\n );\n # http://www.openwall.com/lists/oss-security/2016/06/03/7\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2016/06/03/7\"\n );\n # https://vuxml.freebsd.org/freebsd/875e4cf8-3f0e-11e6-b3c8-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9fcfde89\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:dnsmasq-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"dnsmasq<2.76,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"dnsmasq-devel<2.76.0test1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:27:38", "bulletinFamily": "scanner", "description": "Enhancement update.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2016-10-18T00:00:00", "id": "FEDORA_2016-6DB1C9EB69.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=92802", "published": "2016-08-09T00:00:00", "title": "Fedora 23 : dnsmasq (2016-6db1c9eb69)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-6db1c9eb69.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92802);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2016/10/18 16:52:29 $\");\n\n script_cve_id(\"CVE-2015-8899\");\n script_xref(name:\"FEDORA\", value:\"2016-6db1c9eb69\");\n\n script_name(english:\"Fedora 23 : dnsmasq (2016-6db1c9eb69)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Enhancement update.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-6db1c9eb69\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dnsmasq package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"dnsmasq-2.76-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:33:13", "bulletinFamily": "scanner", "description": "This update for dnsmasq fixes the following issues. Remedy the following security issues :\n\n - CVE-2017-14491: 2 byte heap based overflow.\n [bsc#1060354]\n\n - CVE-2017-14492: heap based overflow. [bsc#1060355]\n\n - CVE-2017-14493: stack based overflow. [bsc#1060360]\n\n - CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n\n - CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n\n - CVE-2017-14496: DNS - DoS Integer underflow.\n [bsc#1060364]\n\n - Prevent a man-in-the-middle attack (bsc#972164, fate#321175). Furthermore, the following issues have been fixed :\n\n - Fix DHCP relaying, broken in 2.76 and 2.77.\n\n - Update to version 2.78 (fate#321175, fate#322030, bsc#1035227).\n\n - Fix PXE booting for UEFI architectures (fate#322030).\n\n - Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537)\n\n - Build with support for DNSSEC (fate#318323, bsc#908137).\n Please note that this update brings a (small) potential incompatibility in the handling of 'basename' in\n --pxe-service. Please read the CHANGELOG and the documentation if you are using this option.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-30T00:00:00", "id": "SUSE_SU-2017-2616-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=103637", "published": "2017-10-03T00:00:00", "title": "SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2017:2616-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:2616-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103637);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2018/11/30 10:54:51\");\n\n script_cve_id(\"CVE-2015-3294\", \"CVE-2015-8899\", \"CVE-2017-14491\", \"CVE-2017-14492\", \"CVE-2017-14493\", \"CVE-2017-14494\", \"CVE-2017-14495\", \"CVE-2017-14496\");\n script_bugtraq_id(74452);\n script_xref(name:\"IAVA\", value:\"2017-A-0284\");\n\n script_name(english:\"SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2017:2616-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for dnsmasq fixes the following issues. Remedy the\nfollowing security issues :\n\n - CVE-2017-14491: 2 byte heap based overflow.\n [bsc#1060354]\n\n - CVE-2017-14492: heap based overflow. [bsc#1060355]\n\n - CVE-2017-14493: stack based overflow. [bsc#1060360]\n\n - CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n\n - CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n\n - CVE-2017-14496: DNS - DoS Integer underflow.\n [bsc#1060364]\n\n - Prevent a man-in-the-middle attack (bsc#972164,\n fate#321175). Furthermore, the following issues have\n been fixed :\n\n - Fix DHCP relaying, broken in 2.76 and 2.77.\n\n - Update to version 2.78 (fate#321175, fate#322030,\n bsc#1035227).\n\n - Fix PXE booting for UEFI architectures (fate#322030).\n\n - Drop PrivateDevices=yes which breaks logging\n (bsc#902511, bsc#904537)\n\n - Build with support for DNSSEC (fate#318323, bsc#908137).\n Please note that this update brings a (small) potential\n incompatibility in the handling of 'basename' in\n --pxe-service. Please read the CHANGELOG and the\n documentation if you are using this option.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060355\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060362\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904537\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=908137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=972164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3294/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8899/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14491/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14492/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14493/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14494/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14495/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14496/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20172616-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3e05c7d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1616=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dnsmasq-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/03\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"dnsmasq-2.78-6.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"dnsmasq-debuginfo-2.78-6.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"dnsmasq-debugsource-2.78-6.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:41:51", "bulletinFamily": "scanner", "description": "An update of [ linux , wget , vim , grub2 , zookeeper , nginx , dnsmasq , haproxy ] packages for PhotonOS has been released.", "modified": "2019-02-07T00:00:00", "id": "PHOTONOS_PHSA-2016-0012.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=111846", "published": "2018-08-17T00:00:00", "title": "Photon OS 1.0: Dnsmasq / Grub2 / Haproxy / Linux / Nginx / Vim / Wget / Zookeeper PHSA-2016-0012 (deprecated)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2016-0012. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111846);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2015-8370\",\n \"CVE-2015-8899\",\n \"CVE-2016-1248\",\n \"CVE-2016-4450\",\n \"CVE-2016-5017\",\n \"CVE-2016-5360\",\n \"CVE-2016-7098\",\n \"CVE-2016-9083\",\n \"CVE-2016-9555\"\n );\n\n script_name(english:\"Photon OS 1.0: Dnsmasq / Grub2 / Haproxy / Linux / Nginx / Vim / Wget / Zookeeper PHSA-2016-0012 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of [ linux , wget , vim , grub2 , zookeeper , nginx ,\ndnsmasq , haproxy ] packages for PhotonOS has been released.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-12\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b465880d\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9555\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:dnsmasq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:haproxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:wget\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:zookeeper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"dnsmasq-2.76-1.ph1\",\n \"dnsmasq-debuginfo-2.76-1.ph1\",\n \"grub2-2.02-5.ph1\",\n \"grub2-efi-2.02-3.ph1\",\n \"grub2-efi-lang-2.02-3.ph1\",\n \"grub2-lang-2.02-5.ph1\",\n \"haproxy-1.6.10-1.ph1\",\n \"haproxy-debuginfo-1.6.10-1.ph1\",\n \"haproxy-doc-1.6.10-1.ph1\",\n \"linux-4.4.35-1.ph1\",\n \"linux-api-headers-4.4.35-1.ph1\",\n \"linux-debuginfo-4.4.35-1.ph1\",\n \"linux-dev-4.4.35-1.ph1\",\n \"linux-docs-4.4.35-1.ph1\",\n \"linux-drivers-gpu-4.4.35-1.ph1\",\n \"linux-esx-4.4.35-1.ph1\",\n \"linux-esx-debuginfo-4.4.35-1.ph1\",\n \"linux-esx-devel-4.4.35-1.ph1\",\n \"linux-esx-docs-4.4.35-1.ph1\",\n \"linux-oprofile-4.4.35-1.ph1\",\n \"linux-sound-4.4.35-1.ph1\",\n \"linux-tools-4.4.35-1.ph1\",\n \"linux-tools-debuginfo-4.4.35-1.ph1\",\n \"nginx-1.10.0-4.ph1\",\n \"nginx-debuginfo-1.10.0-4.ph1\",\n \"vim-7.4-6.ph1\",\n \"vim-extra-7.4-6.ph1\",\n \"wget-1.18-1.ph1\",\n \"wget-debuginfo-1.18-1.ph1\",\n \"zookeeper-3.4.9-1.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dnsmasq / grub2 / haproxy / linux / nginx / vim / wget / zookeeper\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:34", "bulletinFamily": "unix", "description": "Edwin T\u00f6r\u00f6k discovered that Dnsmasq incorrectly handled certain CNAME responses. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service.", "modified": "2016-06-20T00:00:00", "published": "2016-06-20T00:00:00", "id": "USN-3009-1", "href": "https://usn.ubuntu.com/3009-1/", "title": "Dnsmasq vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:16", "bulletinFamily": "unix", "description": "\n reports:\n\nDnsmasq before 2.76 allows remote servers to cause a denial\n\t of service (crash) via a reply with an empty DNS address that has an (1)\n\t A or (2) AAAA record defined locally.\n\n", "modified": "2016-06-30T00:00:00", "published": "2016-04-18T00:00:00", "id": "875E4CF8-3F0E-11E6-B3C8-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/875e4cf8-3f0e-11e6-b3c8-14dae9d210b8.html", "title": "dnsmasq -- denial of service", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-03-18T14:31:55", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:1361412562310808950", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808950", "title": "Fedora Update for dnsmasq FEDORA-2016-da2f9c22b4", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dnsmasq FEDORA-2016-da2f9c22b4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808950\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:55:37 +0530 (Tue, 02 Aug 2016)\");\n script_cve_id(\"CVE-2015-8899\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for dnsmasq FEDORA-2016-da2f9c22b4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnsmasq'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"dnsmasq on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-da2f9c22b4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6AFZAG4FRUEYRHP53HWJ5LFHVV56AR3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"dnsmasq\", rpm:\"dnsmasq~2.76~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:32:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-08-09T00:00:00", "id": "OPENVAS:1361412562310808769", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808769", "title": "Fedora Update for dnsmasq FEDORA-2016-6db1c9eb69", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dnsmasq FEDORA-2016-6db1c9eb69\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808769\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-09 05:44:18 +0200 (Tue, 09 Aug 2016)\");\n script_cve_id(\"CVE-2015-8899\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for dnsmasq FEDORA-2016-6db1c9eb69\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnsmasq'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"dnsmasq on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-6db1c9eb69\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLUVZUNLF3AJYCIZKY5R2XMVZKH2L3CF\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"dnsmasq\", rpm:\"dnsmasq~2.76~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-03-14T14:24:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-06-21T00:00:00", "id": "OPENVAS:1361412562310842799", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842799", "title": "Ubuntu Update for dnsmasq USN-3009-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for dnsmasq USN-3009-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842799\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-21 05:47:52 +0200 (Tue, 21 Jun 2016)\");\n script_cve_id(\"CVE-2015-8899\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for dnsmasq USN-3009-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnsmasq'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Edwin Tö rö k discovered that Dnsmasq\n incorrectly handled certain CNAME responses. A remote attacker could use this\n issue to cause Dnsmasq to crash, resulting in a denial of service.\");\n script_tag(name:\"affected\", value:\"dnsmasq on Ubuntu 16.04 LTS,\n Ubuntu 15.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3009-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3009-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(16\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dnsmasq\", ver:\"2.75-1ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsmasq-base\", ver:\"2.75-1ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsmasq-utils\", ver:\"2.75-1ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dnsmasq\", ver:\"2.75-1ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsmasq-base\", ver:\"2.75-1ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dnsmasq-utils\", ver:\"2.75-1ubuntu0.15.10.1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-19T12:57:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2017-01-04T00:00:00", "id": "OPENVAS:1361412562310851464", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851464", "title": "SuSE Update for dnsmasq openSUSE-SU-2017:0016-1 (dnsmasq)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2017_0016_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for dnsmasq openSUSE-SU-2017:0016-1 (dnsmasq)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851464\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-04 09:00:43 +0100 (Wed, 04 Jan 2017)\");\n script_cve_id(\"CVE-2015-8899\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for dnsmasq openSUSE-SU-2017:0016-1 (dnsmasq)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dnsmasq'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This update for dnsmasq fixes the following issues:\n\n - CVE-2015-8899: Denial of service between local and remote dns entries\n (bsc#983273)\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n script_tag(name:\"affected\", value:\"dnsmasq on openSUSE Leap 42.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:0016_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dnsmasq\", rpm:\"dnsmasq~2.71~9.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dnsmasq-debuginfo\", rpm:\"dnsmasq-debuginfo~2.71~9.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dnsmasq-debugsource\", rpm:\"dnsmasq-debugsource~2.71~9.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dnsmasq-utils\", rpm:\"dnsmasq-utils~2.71~9.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dnsmasq-utils-debuginfo\", rpm:\"dnsmasq-utils-debuginfo~2.71~9.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-26T14:39:30", "bulletinFamily": "scanner", "description": "Dnsmasq is prone to a denial of service vulnerability.", "modified": "2018-10-25T00:00:00", "published": "2016-06-15T00:00:00", "id": "OPENVAS:1361412562310106095", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106095", "title": "Dnsmasq DoS Vulnerability", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_dnsmasq_dos_vuln.nasl 12096 2018-10-25 12:26:02Z asteins $\n#\n# Dnsmasq DoS Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:thekelleys:dnsmasq';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106095\");\n script_version(\"$Revision: 12096 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-25 14:26:02 +0200 (Thu, 25 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-15 12:45:27 +0700 (Wed, 15 Jun 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2015-8899\");\n script_name(\"Dnsmasq DoS Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"dnsmasq_version.nasl\");\n script_mandatory_keys(\"dnsmasq/installed\");\n\n script_xref(name:\"URL\", value:\"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG\");\n script_xref(name:\"URL\", value:\"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html\");\n\n script_tag(name:\"summary\", value:\"Dnsmasq is prone to a denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Dnsmasq crashes when an A or AAAA record is defined locally,\n in a hosts file, and an upstream server sends a reply that the same name is empty.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker may cause a DoS condition.\");\n\n script_tag(name:\"affected\", value:\"Dnsmasq 2.73 until 2.75\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 2.76 or later\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port, exit_no_version:TRUE ) ) exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version_in_range( version:version, test_version:\"2.73\", test_version2:\"2.75\" ) ) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"2.76\" );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "suse": [{"lastseen": "2017-01-03T22:05:23", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following issues:\n\n - CVE-2015-8899: Denial of service between local and remote dns entries\n (bsc#983273)\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "modified": "2017-01-03T20:07:59", "published": "2017-01-03T20:07:59", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00004.html", "id": "OPENSUSE-SU-2017:0016-1", "type": "suse", "title": "Security update for dnsmasq (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-12-20T18:05:35", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following issues:\n\n - CVE-2015-8899: Denial of service between local and remote dns entries\n (bsc#983273)\n\n", "modified": "2016-12-20T17:07:48", "published": "2016-12-20T17:07:48", "id": "SUSE-SU-2016:3199-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00074.html", "type": "suse", "title": "Security update for dnsmasq (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-12-23T18:05:39", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following issues:\n\n - CVE-2015-8899: Denial of service between local and remote dns entries\n (bsc#983273)\n\n", "modified": "2016-12-23T16:09:05", "published": "2016-12-23T16:09:05", "id": "SUSE-SU-2016:3257-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00092.html", "type": "suse", "title": "Security update for dnsmasq (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-12-23T22:05:34", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following issues:\n\n - CVE-2015-8899: Denial of service between local and remote dns entries\n (bsc#983273)\n\n", "modified": "2016-12-23T21:08:08", "published": "2016-12-23T21:08:08", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00094.html", "id": "SUSE-SU-2016:3269-1", "title": "Security update for dnsmasq (important)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-02T23:53:52", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following security issues:\n\n - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n - CVE-2017-14492: heap based overflow. [bsc#1060355]\n - CVE-2017-14493: stack based overflow. [bsc#1060360]\n - CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n - CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n - CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n\n This update brings a (small) potential incompatibility in the handling of\n "basename" in --pxe-service. Please read the CHANGELOG and the\n documentation if you are using this option.\n\n", "modified": "2017-10-02T21:09:17", "published": "2017-10-02T21:09:17", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html", "id": "SUSE-SU-2017:2617-1", "title": "Security update for dnsmasq (important)", "type": "suse", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-02T23:53:52", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following security issues:\n\n - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n - CVE-2017-14492: heap based overflow. [bsc#1060355]\n - CVE-2017-14493: stack based overflow. [bsc#1060360]\n - CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n - CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n - CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n\n This update brings a (small) potential incompatibility in the handling of\n "basename" in --pxe-service. Please read the CHANGELOG and the\n documentation if you are using this option.\n\n", "modified": "2017-10-02T21:11:28", "published": "2017-10-02T21:11:28", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html", "id": "SUSE-SU-2017:2619-1", "title": "Security update for dnsmasq (important)", "type": "suse", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-02T23:53:52", "bulletinFamily": "unix", "description": "This update for dnsmasq fixes the following issues.\n\n Remedy the following security issues:\n\n - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]\n - CVE-2017-14492: heap based overflow. [bsc#1060355]\n - CVE-2017-14493: stack based overflow. [bsc#1060360]\n - CVE-2017-14494: DHCP - info leak. [bsc#1060361]\n - CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]\n - CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]\n - Prevent a man-in-the-middle attack (bsc#972164, fate#321175).\n\n Furthermore, the following issues have been fixed:\n\n - Fix DHCP relaying, broken in 2.76 and 2.77.\n - Update to version 2.78 (fate#321175, fate#322030, bsc#1035227).\n - Fix PXE booting for UEFI architectures (fate#322030).\n - Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537)\n - Build with support for DNSSEC (fate#318323, bsc#908137).\n\n Please note that this update brings a (small) potential incompatibility in\n the handling of "basename" in --pxe-service. Please read the CHANGELOG and\n the documentation if you are using this option.\n\n", "modified": "2017-10-02T21:07:18", "published": "2017-10-02T21:07:18", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html", "id": "SUSE-SU-2017:2616-1", "title": "Security update for dnsmasq (important)", "type": "suse", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}]}
