35 matches found
CVE-2026-6507
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...
CVE-2026-6507
A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...
PT-2026-33448
Name of the Vulnerable Software and Affected Versions dnsmasq affected versions not specified Description A remote attacker can trigger an out-of-bounds write by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a server configured with the --dhcp-split-relay option. This...
MiracleLinux 7 : dnsmasq-2.76-16.el7.1 (AXSA:2021-1266:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1266:01 advisory. dnsmasq: loose address/port check in replyquery makes forging replies easier for an off-path attacker CVE-2020-25684 dnsmasq: loose query name check...
EUVD-2020-6464
Malware in sbrugna...
EUVD-2020-18346
Malware in sbrugna...
EUVD-2020-18347
Malware in sbrugna...
EUVD-2021-26773
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-14312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it...
dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232
A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...
dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232
A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...
SUSE CVE-2020-25684
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query,...
DEBIAN-CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...
CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...
Dnsmasq 缓冲区错误漏洞
dnsmasq is a lightweight DNS forwarding and DHCP, TFTP server written in C. Dnsmasq 2.86 suffers from a buffer error vulnerability that stems from having a heap-based buffer overflow in answerrequest called from FuzzAnswerTheRequest and fuzzrfc1035.c...
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface dnsmasq uses a fixed port while forwarding queries. An attacker on the network able to find the outgoing port used by dnsmasq only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
...
CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...
UBUNTU-CVE-2020-14312
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not...
dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially...
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...