13 matches found
Mageia: Security Advisory (MGASA-2017-0367)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0364)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
countylinemagazine.com Cross Site Scripting vulnerability
Security Researcher Kaushik49617036 Helped patch 0 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting countylinemagazine.com website and its users. Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard,...
Fedora 27 : dnsmasq (2017-274d763ed8)
Fixes CVE-2017-13704 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Siemens --------- Begin Update C Part 1 of 3 -------- Equipment: SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 --------- End Update C Part 1 of 3 -------- Vulnerabilities: Resource...
DNSmasq Integer Underflow Denial Of Service (CVE-2017-13704)
An integer underflow vulnerability exists over Dnsmasq. This is due to the way Dnsmasq handles TTL requests. A successful attack could lead to a denial of service...
Security fix for the ALT Linux 10 package dnsmasq version 2.78-alt1
Oct. 6, 2017 Mikhail Efremov 2.78-alt1 - Updated to 2.78 fixes: CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496...
dnsmasq < 2.78 Multiple Remote Vulnerabilities
The version of dnsmasq installed on the remote host is prior to 2.78, and thus, is affected by the following vulnerabilities : - Denial of service related to handling DNS queries exceeding 512 bytes. CVE-2017-13704 - Heap overflow related to handling DNS requests. CVE-2017-14491 - Heap overflow...
CVE-2017-13704
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's 0xffffffffffffffff in 64 bit platforms, making dnsmasq crash...
[slackware-security] dnsmasq
New dnsmasq packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/dnsmasq-2.78-i586-1slack14.2.txz: Upgraded. This update fixes bugs and remotely exploitable security...
UBUNTU-CVE-2017-13704
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's 0xffffffffffffffff in 64 bit platforms, making dnsmasq crash...
dnsmasq -- multiple vulnerabilities
Google Project Zero reports: CVE-2017-14491: Heap based overflow 2 bytes. Before 2.76 and this commit overflow was unrestricted. CVE-2017-14492: Heap based overflow. CVE-2017-14493: Stack Based overflow. CVE-2017-14494: Information Leak CVE-2017-14495: Lack of free CVE-2017-14496: Invalid boundar...
CVE-2017-13704
An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the DNS code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash...