Lucene search
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-2616-1.NASLHistoryOct 03, 2017 - 12:00 a.m.
SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2017:2616-1)
2017-10-0300:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
This update for dnsmasq fixes the following issues. Remedy the following security issues :
-
CVE-2017-14491: 2 byte heap based overflow.
[bsc#1060354] -
CVE-2017-14492: heap based overflow. [bsc#1060355]
-
CVE-2017-14493: stack based overflow. [bsc#1060360]
-
CVE-2017-14494: DHCP - info leak. [bsc#1060361]
-
CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
-
CVE-2017-14496: DNS - DoS Integer underflow.
[bsc#1060364] -
Prevent a man-in-the-middle attack (bsc#972164, fate#321175). Furthermore, the following issues have been fixed :
-
Fix DHCP relaying, broken in 2.76 and 2.77.
-
Update to version 2.78 (fate#321175, fate#322030, bsc#1035227).
-
Fix PXE booting for UEFI architectures (fate#322030).
-
Drop PrivateDevices=yes which breaks logging (bsc#902511, bsc#904537)
-
Build with support for DNSSEC (fate#318323, bsc#908137).
Please note that this update brings a (small) potential incompatibility in the handling of ‘basename’ in
–pxe-service. Please read the CHANGELOG and the documentation if you are using this option.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:2616-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(103637);
script_version("3.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2015-3294", "CVE-2015-8899", "CVE-2017-14491", "CVE-2017-14492", "CVE-2017-14493", "CVE-2017-14494", "CVE-2017-14495", "CVE-2017-14496");
script_bugtraq_id(74452);
script_xref(name:"IAVA", value:"2017-A-0284-S");
script_name(english:"SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2017:2616-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for dnsmasq fixes the following issues. Remedy the
following security issues :
- CVE-2017-14491: 2 byte heap based overflow.
[bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow.
[bsc#1060364]
- Prevent a man-in-the-middle attack (bsc#972164,
fate#321175). Furthermore, the following issues have
been fixed :
- Fix DHCP relaying, broken in 2.76 and 2.77.
- Update to version 2.78 (fate#321175, fate#322030,
bsc#1035227).
- Fix PXE booting for UEFI architectures (fate#322030).
- Drop PrivateDevices=yes which breaks logging
(bsc#902511, bsc#904537)
- Build with support for DNSSEC (fate#318323, bsc#908137).
Please note that this update brings a (small) potential
incompatibility in the handling of 'basename' in
--pxe-service. Please read the CHANGELOG and the
documentation if you are using this option.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1035227"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060354"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060355"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060360"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060361"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060362"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060364"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=902511"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=904537"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=908137"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=972164"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-3294/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8899/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14491/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14492/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14493/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14494/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14495/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14496/"
);
# https://www.suse.com/support/update/announcement/2017/suse-su-20172616-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?c3e05c7d"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-2017-1616=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dnsmasq");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dnsmasq-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dnsmasq-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/08");
script_set_attribute(attribute:"patch_publication_date", value:"2017/10/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/03");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"0", reference:"dnsmasq-2.78-6.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"dnsmasq-debuginfo-2.78-6.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"dnsmasq-debugsource-2.78-6.6.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dnsmasq");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | dnsmasq | p-cpe:/a:novell:suse_linux:dnsmasq |
| novell | suse_linux | dnsmasq-debuginfo | p-cpe:/a:novell:suse_linux:dnsmasq-debuginfo |
| novell | suse_linux | dnsmasq-debugsource | p-cpe:/a:novell:suse_linux:dnsmasq-debugsource |
| novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496
www.nessus.org/u?c3e05c7d
bugzilla.suse.com/show_bug.cgi?id=1035227
bugzilla.suse.com/show_bug.cgi?id=1060354
bugzilla.suse.com/show_bug.cgi?id=1060355
bugzilla.suse.com/show_bug.cgi?id=1060360
bugzilla.suse.com/show_bug.cgi?id=1060361
bugzilla.suse.com/show_bug.cgi?id=1060362
bugzilla.suse.com/show_bug.cgi?id=1060364
bugzilla.suse.com/show_bug.cgi?id=902511
bugzilla.suse.com/show_bug.cgi?id=904537
bugzilla.suse.com/show_bug.cgi?id=908137
bugzilla.suse.com/show_bug.cgi?id=972164
www.suse.com/security/cve/CVE-2015-3294/
www.suse.com/security/cve/CVE-2015-8899/
www.suse.com/security/cve/CVE-2017-14491/
www.suse.com/security/cve/CVE-2017-14492/
www.suse.com/security/cve/CVE-2017-14493/
www.suse.com/security/cve/CVE-2017-14494/
www.suse.com/security/cve/CVE-2017-14495/
www.suse.com/security/cve/CVE-2017-14496/
Related
nessus
nessus
SUSE SLES11 Security Update : dnsmasq (SUSE-SU-2017:2619-1)
2017-10-03 00:00:00
SUSE SLES11 Security Update : dnsmasq (SUSE-SU-2017:2617-1)
2017-10-03 00:00:00
Debian DSA-3989-1 : dnsmasq - security update
2017-10-03 00:00:00
suse
suse
Security update for dnsmasq (important)
2017-10-02 21:09:17
Security update for dnsmasq (important)
2017-10-02 21:07:18
Security update for dnsmasq (important)
2017-10-02 21:11:28
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:2617-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2619-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2616-1)
2021-04-19 00:00:00
centos
centos
dnsmasq security update
2017-10-03 00:04:45
amazon
amazon
Critical: dnsmasq
2017-10-02 17:05:00
Critical: dnsmasq
2019-07-18 18:22:00
gentoo
gentoo
Dnsmasq: Multiple vulnerabilities
2017-10-23 00:00:00
Dnsmasq: Denial of service
2015-12-17 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: dnsmasq-2.76-5.fc26
2017-10-06 15:22:33
[SECURITY] Fedora 25 Update: dnsmasq-2.76-4.fc25
2017-10-23 22:52:39
[SECURITY] Fedora 27 Update: dnsmasq-2.77-9.fc27
2017-10-24 05:30:01
debian
debian
[SECURITY] [DSA 3989-1] dnsmasq security update
2017-10-02 18:30:02
[SECURITY] [DSA 3989-1] dnsmasq security update
2017-10-02 18:30:19
[SECURITY] [DLA 1124-1] dnsmasq security update
2017-10-06 14:42:47
archlinux
archlinux
[ASA-201710-1] dnsmasq: multiple issues
2017-10-02 00:00:00
redhat
redhat
(RHSA-2017:2836) Critical: dnsmasq security update
2017-10-02 13:34:30
(RHSA-2017:2837) Critical: dnsmasq security update
2017-10-02 13:34:44
(RHSA-2017:2839) Critical: dnsmasq security update
2017-10-02 13:35:14
arista
arista
Security Advisory 0030
2017-10-02 00:00:00
cert
cert
Dnsmasq contains multiple vulnerabilities
2017-10-02 00:00:00
ubuntu
ubuntu
Dnsmasq vulnerabilities
2017-10-03 00:00:00
Dnsmasq regression
2018-01-04 00:00:00
Dnsmasq vulnerabilities
2017-10-02 00:00:00
oraclelinux
oraclelinux
dnsmasq security update
2017-10-02 00:00:00
mageia
mageia
Updated dnsmasq packages fix security vulnerabilities
2017-10-09 12:51:10
Updated dnsmasq packages fix security vulnerabilities
2017-10-09 12:51:10
Updated dnsmasq packages fix CVE-2015-3294
2015-05-12 22:37:48
thn
thn
Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software
2017-10-02 23:44:00
freebsd
freebsd
dnsmasq -- multiple vulnerabilities
2017-10-02 00:00:00
dnsmasq -- denial of service
2016-04-18 00:00:00
dnsmasq -- data exposure and denial of service
2015-04-07 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0074
2017-10-04 00:00:00
threatpost
threatpost
Google Warns of DoS and RCE Bugs in Dnsmasq
2017-10-03 13:16:06
myhack58
myhack58
ibm
ibm
f5
f5
K32582354 : Multiple dnsmasq vulnerabilities
2017-10-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package dnsmasq version 2.78-alt1
2017-10-06 00:00:00
slackware
slackware
[slackware-security] dnsmasq
2017-10-02 18:43:20
huawei
huawei
Security Advisory - Seven vulnerabilities in Google Dnsmasq
2017-11-03 00:00:00
osv
osv
dnsmasq - security update
2017-10-02 00:00:00
dnsmasq - security update
2017-10-06 00:00:00
CVE-2017-14495
2017-10-03 01:29:02
redhatcve
redhatcve
ics
ics
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
2020-10-13 12:00:00
debiancve
debiancve
ubuntucve
ubuntucve
cve
cve
prion
prion
Design/Logic Flaw
2016-06-30 17:59:00
Stack overflow
2017-10-03 01:29:00
Memory corruption
2017-10-03 01:29:00
checkpoint_advisories
checkpoint_advisories
Dnsmasq Lack of Free Denial of Service (CVE-2017-14495)
2017-10-03 00:00:00
Dnsmasq Integer Underflow Denial Of Service (CVE-2017-14496)
2017-10-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 01:47:46
Arbitrary Code Execution
2019-05-02 06:37:12
alpinelinux
alpinelinux
packetstorm
packetstorm
Dnsmasq Stack-Based Overflow
2017-10-02 00:00:00
Dnsmasq Integer Underflow
2017-10-02 00:00:00
Dnsmasq Lack Of Free() Denial Of Service
2017-10-02 00:00:00
exploitpack
exploitpack
Dnsmasq 2.78 - Heap Overflow
2017-10-02 00:00:00
Dnsmasq 2.78 - Integer Underflow
2017-10-02 00:00:00
Dnsmasq 2.78 - Lack of free() Denial of Service
2017-10-02 00:00:00
zdt
zdt
Dnsmasq < 2.78 - Stack-Based Overflow Exploit
2017-10-02 00:00:00
Dnsmasq < 2.78 - Lack of free() Denial of Service Exploit
2017-10-02 00:00:00
seebug
seebug
Dnsmasq DoS Vulnerability(CVE-2017-14495)
2017-10-09 00:00:00
Dnsmasq DoS Vulnerability(CVE-2017-14496)
2017-10-09 00:00:00
Dnsmasq Stack based overflow(CVE-2017-14493)
2017-10-09 00:00:00
securityvulns
securityvulns
Dnsmasq 2.72 Unchecked returned value
2015-05-05 00:00:00
dnsmasq uninitialized memory dereference
2015-05-05 00:00:00
[USN-2593-1] Dnsmasq vulnerability
2015-05-04 00:00:00
Related for SUSE_SU-2017-2616-1.NASL