Lucene search
Ubuntu.comUB:CVE-2013-0198HistoryMar 05, 2013 - 12:00 a.m.
CVE-2013-0198
2013-03-0500:00:00
ubuntu.com
ubuntu.com
5
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
78.5%
Dnsmasq before 2.66test2, when used with certain libvirt configurations,
replies to queries from prohibited interfaces, which allows remote
attackers to cause a denial of service (traffic amplification) via spoofed
TCP based DNS queries. NOTE: this vulnerability exists because of an
incomplete fix for CVE-2012-3411.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=894486>
- <https://bugzilla.redhat.com/show_bug.cgi?id=904940>
Notes
| Author | Note |
|---|---|
| mdeslaur | may introduce changes in behaviour, see https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1126488 we will not be fixing this in Ubuntu 12.04 LTS, users in environments where this issue is problematic are recommended to upgrade to a more recent LTS release. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 13.04 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
| ubuntu | 13.10 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
| ubuntu | 14.04 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
| ubuntu | 14.10 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
| ubuntu | 15.04 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
| ubuntu | 15.10 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
| ubuntu | 16.04 | noarch | dnsmasq | < 2.65-1ubuntu1 | UNKNOWN |
Related
openvas
openvas
Fedora Update for dnsmasq FEDORA-2013-1320
2013-02-22 00:00:00
Fedora Update for dnsmasq FEDORA-2013-1357
2013-02-15 00:00:00
Fedora Update for dnsmasq FEDORA-2013-1320
2013-02-22 00:00:00
gentoo
gentoo
Dnsmasq: Denial of Service
2014-06-25 00:00:00
cvelist
cvelist
CVE-2013-0198
2013-03-04 21:00:00
CVE-2012-3411
2013-03-04 21:00:00
nessus
nessus
Mandriva Linux Security Advisory : dnsmasq (MDVSA-2013:072)
2013-04-20 00:00:00
GLSA-201406-24 : Dnsmasq: Denial of Service
2014-06-26 00:00:00
Fedora 17 : dnsmasq-2.65-4.fc17 (2013-1320)
2013-02-19 00:00:00
prion
prion
Code injection
2013-03-05 21:38:00
Code injection
2013-03-05 21:38:00
debiancve
debiancve
CVE-2013-0198
2013-03-05 21:38:00
CVE-2012-3411
2013-03-05 21:38:00
cve
cve
CVE-2013-0198
2013-03-05 21:38:00
CVE-2012-3411
2013-03-05 21:38:00
redhat
redhat
centos
centos
dnsmasq security update
2013-02-27 19:34:22
libvirt security update
2013-02-27 19:36:11
amazon
amazon
Medium: dnsmasq
2013-03-02 16:49:00
fedora
fedora
[SECURITY] Fedora 17 Update: dnsmasq-2.63-1.fc17
2012-09-12 00:31:29
[SECURITY] Fedora 18 Update: libvirt-0.10.2.2-3.fc18
2012-12-20 05:38:21
[SECURITY] Fedora 18 Update: dnsmasq-2.65-4.fc18
2013-02-12 04:58:59
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:56:53
oraclelinux
oraclelinux
dnsmasq security, bug fix and enhancement update
2013-02-22 00:00:00
libvirt security, bug fix, and enhancement update
2013-02-27 00:00:00
ubuntucve
ubuntucve
CVE-2012-3411
2013-03-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package dnsmasq version 2.65-alt1
2013-03-06 00:00:00
osv
osv
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
78.5%
Related for UB:CVE-2013-0198