Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Veracode
Veracodeadded 2019/05/16 1:47 a.m.28 views

Denial Of Service (DoS)

dnsmasq is vulnerable to denial of serviceDoS attacks. A remote user could send specially crafted DNS packets to cause the addpseudoheader function to allocate memory that is never freed, consuming excessive memory on the target system which leads application to crash.This issue only affects...

7.5CVSS8.2AI score0.84323EPSS
Exploits5References25Affected Software1
BDU FSTEC
BDU FSTECadded 2017/11/03 12:0 a.m.3 views

The vulnerability of the add_pseudoheader function in the Dnsmasq DNS server allows a hacker to cause a service failure.

The vulnerability of the addpseudoheader function in the Dnsmasq DNS server arises from the loss of a significant number of bits in cases where parameters addmac, addcpeid, or addsubnet are specified. Exploiting this vulnerability allows a malicious actor to cause a service failure through a...

7.8CVSS7.7AI score0.66347EPSS
Exploits5References22Affected Software1
Prion
Prionadded 2017/10/03 1:29 a.m.88 views

Integer overflow

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

7.8CVSS7.9AI score0.66347EPSS
Exploits5References22Affected Software8
Cvelist
Cvelistadded 2017/10/02 9:0 p.m.24 views

CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

8.2AI score0.66347EPSS
Exploits5References22
CVE
CVEadded 2017/10/02 9:0 p.m.860 views

CVE-2017-14496

CVE-2017-14496: dnsmasq contains an integer underflow in the EDNS0 add_pseudoheader handling when --add-mac, --add-cpe-id, or --add-subnet is used, allowing a denial of service via crafted DNS requests. Public advisories (CentOS/RH, Arch Linux, AWS ALAS) and Arista note fixes, with upgrades to dn...

7.8CVSS8.1AI score0.66347EPSS
Exploits5References22Affected Software7
Packet Storm
Packet Stormadded 2017/10/02 12:0 a.m.408 views

Dnsmasq Integer Underflow

Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the following option is specified: --add-mac, --add-cpe-id ...

0.1AI score0.66347EPSS
Exploits5
OSV
OSVadded 2017/10/02 12:0 a.m.3 views

UBUNTU-CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

7.5CVSS7.3AI score0.66347EPSS
Exploits5References5
Rows per page
Query Builder