CVE-2017-14997

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service excessive memory allocation because of an integer underflow in ReadPICTImage in coders/pict.c...

CVE-2017-14997

CVE-2017-14997 affects GraphicsMagick (notably the 1.3.26 release in the provided description) due to an integer underflow in ReadPICTImage (coders/pict.c) that allows a remote attacker to trigger a denial of service via excessive memory allocation. The connected documents corroborate that this C...

CVE-2017-14997

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service excessive memory allocation because of an integer underflow in ReadPICTImage in coders/pict.c...

Security update for dnsmasq (important)

This update for dnsmasq fixes the following security issues: - CVE-2017-14491: 2 byte heap based overflow. bsc1060354 - CVE-2017-14492: heap based overflow. bsc1060355 - CVE-2017-14493: stack based overflow. bsc1060360 - CVE-2017-14494: DHCP - info leak. bsc1060361 - CVE-2017-14495: DNS - OOM DoS...

CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

DEBIAN-CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

dnsmasq security update

CentOS Errata and Security Advisory CESA-2017:2836 An update for dnsmasq is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2017:2618-1)

This update for dnsmasq fixes the following security issues : - CVE-2017-14491: 2 byte heap based overflow. bsc1060354 - CVE-2017-14492: heap based overflow. bsc1060355 - CVE-2017-14493: stack based overflow. bsc1060360 - CVE-2017-14494: DHCP - info leak. bsc1060361 - CVE-2017-14495: DNS - OOM Do...

Amazon Linux AMI : dnsmasq (ALAS-2017-907)

Information leak in the DHCPv6 relay code An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. CVE-2017-14494 Memor...

RHEL 7 : dnsmasq (RHSA-2017:2836)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2836 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

SUSE SLES11 Security Update : dnsmasq (SUSE-SU-2017:2619-1)

This update for dnsmasq fixes the following security issues : - CVE-2017-14491: 2 byte heap based overflow. bsc1060354 - CVE-2017-14492: heap based overflow. bsc1060355 - CVE-2017-14493: stack based overflow. bsc1060360 - CVE-2017-14494: DHCP - info leak. bsc1060361 - CVE-2017-14495: DNS - OOM Do...

CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

CVE-2017-14496

CVE-2017-14496: dnsmasq contains an integer underflow in the EDNS0 add_pseudoheader handling when --add-mac, --add-cpe-id, or --add-subnet is used, allowing a denial of service via crafted DNS requests. Public advisories (CentOS/RH, Arch Linux, AWS ALAS) and Arista note fixes, with upgrades to dn...

CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

Critical: Red Hat Security Advisory: dnsmasq security update

An update for dnsmasq is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

SUSE-SU-2017:2618-1 Security update for dnsmasq

This update for dnsmasq fixes the following security issues: - CVE-2017-14491: 2 byte heap based overflow. bsc1060354 - CVE-2017-14492: heap based overflow. bsc1060355 - CVE-2017-14493: stack based overflow. bsc1060360 - CVE-2017-14494: DHCP - info leak. bsc1060361 - CVE-2017-14495: DNS - OOM DoS...

CVE-2017-14496

An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet...

Dnsmasq < 2.78 - Integer Underflow Exploit

Exploit for multiple platform in category dos / poc ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the...

Dnsmasq 2.78 - Integer Underflow

Dnsmasq 2.78 - Integer Underflow ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the following option i...

Dnsmasq Integer Underflow

Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the following option is specified: --add-mac, --add-cpe-id ...