Dnsmasq DHCP Broadcast Reply Request DoS

2006-04-23T07:47:38
ID OSVDB:24884
Type osvdb
Reporter Sandra Dekkers()
Modified 2006-04-23T07:47:38

Description

Vulnerability Description

Dnsmasq contains a flaw that may allow a remote denial of service. The issue is triggered when a DHCP client requests a broadcast reply, and will result in loss of availability for the service.

Solution Description

Upgrade to version 2.30 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Dnsmasq contains a flaw that may allow a remote denial of service. The issue is triggered when a DHCP client requests a broadcast reply, and will result in loss of availability for the service.

References:

Vendor URL: http://thekelleys.org.uk/dnsmasq/doc.html Vendor Specific News/Changelog Entry: http://thekelleys.org.uk/dnsmasq/CHANGELOG Secunia Advisory ID:19760 FrSIRT Advisory: ADV-2006-1494 CVE-2006-2017 Bugtraq ID: 17662