4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
dnsmasq is vulnerable to denial of service. A NULL pointer dereference flaw was discovered in dnsmasq when the TFTP service is enabled. This flaw could allow a malicious TFTP client to crash the dnsmasq service.
CPE | Name | Operator | Version |
---|---|---|---|
dnsmasq | eq | 2.39__2.el5 | |
dnsmasq | eq | 2.45__1.el5_2.1 | |
dnsmasq | eq | 2.39__2.el5 | |
dnsmasq | eq | 2.45__1.el5_2.1 |
secunia.com/advisories/36563
www.coresecurity.com/content/dnsmasq-vulnerabilities
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-1238.html
www.securityfocus.com/bid/36120
www.thekelleys.org.uk/dnsmasq/CHANGELOG
www.ubuntu.com/usn/USN-827-1
access.redhat.com/errata/RHSA-2009:1238
bugzilla.redhat.com/show_bug.cgi?id=519020
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9816
rhn.redhat.com/errata/RHSA-2010-0095.html