6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
dnsmasq is vulnerable to arbitrary code execution. Core Security Technologies discovered a heap overflow flaw in dnsmasq when the TFTP service is enabled (the ββenable-tftpβ command line option, or by enabling βenable-tftpβ in β/etc/dnsmasq.confβ). If the configured tftp-root is sufficiently long, and a remote user sends a request that sends a long file name, dnsmasq could crash or, possibly, execute arbitrary code with the privileges of the dnsmasq service (usually the unprivileged βnobodyβ user).
CPE | Name | Operator | Version |
---|---|---|---|
dnsmasq | eq | 2.45__1.el5_2.1 | |
dnsmasq | eq | 2.39__2.el5 | |
dnsmasq | eq | 2.45__1.el5_2.1 | |
dnsmasq | eq | 2.39__2.el5 |
secunia.com/advisories/36563
www.coresecurity.com/content/dnsmasq-vulnerabilities
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-1238.html
www.securityfocus.com/bid/36121
www.thekelleys.org.uk/dnsmasq/CHANGELOG
www.ubuntu.com/usn/USN-827-1
access.redhat.com/errata/RHSA-2009:1238
bugzilla.redhat.com/show_bug.cgi?id=519020
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10538
rhn.redhat.com/errata/RHSA-2010-0095.html