Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231061597HistorySep 24, 2008 - 12:00 a.m.
Gentoo Security Advisory GLSA 200809-02 (dnsmasq)
2008-09-2400:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
3
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
7.2 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%
The remote host is missing updates announced in
advisory GLSA 200809-02.
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.61597");
script_version("2023-11-02T05:05:26+0000");
script_tag(name:"last_modification", value:"2023-11-02 05:05:26 +0000 (Thu, 02 Nov 2023)");
script_tag(name:"creation_date", value:"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)");
script_cve_id("CVE-2008-3350", "CVE-2008-1447");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-03-24 18:19:00 +0000 (Tue, 24 Mar 2020)");
script_name("Gentoo Security Advisory GLSA 200809-02 (dnsmasq)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name:"insight", value:"Two vulnerabilities in dnsmasq might allow for a Denial of Service or
spoofing of DNS replies.");
script_tag(name:"solution", value:"All dnsmasq users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-dns/dnsmasq-2.45'");
script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200809-02");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=231282");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=232523");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 200809-02.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");
res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"net-dns/dnsmasq", unaffected: make_list("ge 2.45"), vulnerable: make_list("lt 2.45"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
openvas
openvas
Gentoo Security Advisory GLSA 200809-02 (dnsmasq)
2008-09-24 00:00:00
Slackware Advisory SSA:2008-334-01 ruby
2012-09-11 00:00:00
CentOS Update for bind CESA-2008:0533 centos4 i386
2009-02-27 00:00:00
gentoo
gentoo
dnsmasq: Denial of Service and DNS spoofing
2008-09-04 00:00:00
BIND: Cache poisoning
2008-07-11 00:00:00
pdnsd: Denial of Service and cache poisoning
2009-01-11 00:00:00
securityvulns
securityvulns
[ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing
2008-09-07 00:00:00
dnsmasq multiple security vulnerabilities
2008-09-07 00:00:00
nessus
nessus
GLSA-200809-02 : dnsmasq: Denial of Service and DNS spoofing
2008-09-05 00:00:00
dnsmasq < 2.45 Multiple Remote DoS
2008-09-08 00:00:00
Ubuntu 8.04 LTS : dnsmasq vulnerability (USN-627-1)
2008-07-23 00:00:00
seebug
seebug
Dnsmasq DCHPη§ζε€δΈͺθΏη¨ζη»ζε‘ζΌζ΄
2008-09-10 00:00:00
BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)
2008-07-24 00:00:00
BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
2008-07-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package bind version 9.3.5-alt2
2008-06-06 00:00:00
Security fix for the ALT Linux 6 package bind version 9.3.5-alt2
2008-06-06 00:00:00
Security fix for the ALT Linux 5 package ruby version 1.8.7-alt6
2008-08-12 00:00:00
debian
debian
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing
2008-07-27 09:36:54
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
2008-07-08 17:05:29
[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing
2008-07-27 09:36:54
exploitpack
exploitpack
BIND 9.4.1 9.4.2 - Remote DNS Cache Poisoning (Metasploit)
2008-07-23 00:00:00
BIND 9.x - Remote DNS Cache Poisoning (Python)
2008-07-24 00:00:00
BIND 9.x - Remote DNS Cache Poisoning
2008-07-25 00:00:00
f5
f5
K8938 : BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2013-03-19 00:00:00
SOL8938 - BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
2008-07-10 00:00:00
redhat
redhat
(RHSA-2008:0533) Important: bind security update
2008-07-08 00:00:00
(RHSA-2008:0789) Moderate: dnsmasq security update
2008-08-11 00:00:00
oraclelinux
oraclelinux
dnsmasq security update
2008-08-11 00:00:00
bind security update
2008-07-08 00:00:00
prion
prion
fedora
fedora
[SECURITY] Fedora 9 Update: bind-9.5.0-33.P1.fc9
2008-07-09 21:45:32
[SECURITY] Fedora 9 Update: dnsmasq-2.45-1.fc9
2009-02-14 22:11:22
[SECURITY] Fedora 9 Update: bind-9.5.1-1.P1.fc9
2009-01-15 02:51:25
cve
cve
freebsd
freebsd
ruby -- DNS spoofing vulnerability
2008-08-08 00:00:00
FreeBSD -- DNS cache poisoning
2008-07-08 00:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
bailiwicked_domain.rb.txt
2008-07-24 00:00:00
bind9x-poison.txt
2008-07-25 00:00:00
bailiwicked_host.rb.txt
2008-07-24 00:00:00
osv
osv
bind9 - cache poisoning
2008-07-08 00:00:00
refpolicy - incompatible policy
2008-07-25 00:00:00
suse
suse
DNS cache poisoning in bind
2008-07-11 09:57:52
ubuntucve
ubuntucve
debiancve
debiancve
freebsd_advisory
freebsd_advisory
FreeBSD-SA-08:06.bind
2008-07-13 00:00:00
slackware
slackware
[slackware-security] dnsmasq
2008-07-24 00:02:47
[slackware-security] bind
2008-07-10 04:29:01
[slackware-security] ruby
2008-11-29 21:37:03
ubuntu
ubuntu
Bind vulnerability
2008-07-08 00:00:00
Dnsmasq vulnerability
2008-07-22 00:00:00
checkpoint_security
checkpoint_security
Check Point response to DNS poisoning vulnerability CVE-2008-1447
2008-07-05 21:00:00
centos
centos
bind security update
2008-07-09 01:20:56
bind, caching, selinux security update
2008-07-08 22:25:27
redhatcve
redhatcve
CVE-2008-3350
2015-10-30 10:05:08
rubygems
rubygems
ruby -- DNS spoofing vulnerability in resolv.rb
2008-05-04 20:00:00
mskb
mskb
MS08-037: Vulnerabilities in DNS could allow spoofing
2018-04-17 19:03:20
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
7.2 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.133 Low
EPSS
Percentile
95.5%
Related for OPENVAS:136141256231061597