14 matches found
Unity Linux 20.1060e / 20.1070e Security Update: dnsmasq (UTSA-2026-017412)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017412 advisory. A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwardi...
ROS-20260209-73-0001
A vulnerability in the Avahi Wide-Area Local Area Network Service Discovery System is related to the use of insufficiently randomized values. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information through a specially crafte...
Linux Distros Unpatched Vulnerability : CVE-2021-3448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while...
SUSE CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...
CVE-2022-34294
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...
PT-2022-22110 · Totd · Totd
Name of the Vulnerable Software and Affected Versions: totd version 1.5.3 Description: The issue allows DNS cache poisoning due to the use of a fixed UDP source port in upstream queries sent to DNS resolvers, resulting in insufficient entropy to prevent traffic injection attacks. Recommendations:...
EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2021-2268)
According to the version of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed...
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface dnsmasq uses a fixed port while forwarding queries. An attacker on the network able to find the outgoing port used by dnsmasq only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
...
Dnsmasq < 2.85 DNS Cache Poisoning Vulnerability
Dnsmasq is prone to a DNS cache poisoning vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
DNS Cache Poisoning
dnsmasq is vulnerable to DNS cache poisoning. The vulnerability exists as dnsmasq uses a fixed port while forwarding queries, allowing to easily forge a reply with the same transmission ID to get accepted by dnsmasq...
ALPINE-CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...
DEBIAN-CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...
DEBIAN-CVE-2008-4100
GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the...
PT-2008-5403 · Gnu +1 · Gnu Adns +1
Name of the Vulnerable Software and Affected Versions: GNU adns versions 1.4 and earlier Description: The issue allows remote attackers to spoof DNS responses due to the use of a fixed source port and sequential transaction IDs for DNS requests. This behavior is reported by the vendor as intended...