dnsmasq is vulnerable to birthday attack. The vulnerability exist because of unsanitized check for an existing pending request for the same name and forwards a new request.

References

bugzilla.redhat.com/show_bug.cgi?id=1890125

lists.fedoraproject.org/archives/list/[email protected]/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/

lists.fedoraproject.org/archives/list/[email protected]/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/

secdb.alpinelinux.org/v3.12/main.yaml

security.gentoo.org/glsa/202101-17

www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61

www.debian.org/security/2021/dsa-4844

www.jsof-tech.com/disclosures/dnspooq/

cbl_mariner 1

ubuntucve 2

cvelist 2

osv 5

cve 2

nvd 2

prion 2

alpinelinux 2

debiancve 2

redhatcve 2

redhat 14

thn 1

openvas 32

f5 1

nessus 57

githubexploit 1

ibm 1

arista 1

amazon 1

oraclelinux 2

centos 1

gentoo 1

altlinux 1

debian 2

fedora 2

archlinux 1

openwrt 1

freebsd 1

mageia 1

cert 1

cisco 1

malwarebytes 1

suse 2

threatpost 1

slackware 1

ubuntu 2

photon 6

almalinux 1

ics 1

rosalinux 1

cbl_mariner

CVE-2020-25686 affecting package dnsmasq 2.79-11

2021-05-06 23:56:42

ubuntucve

CVE-2020-25686

2021-01-19 00:00:00

CVE-2020-25684

2021-01-19 00:00:00

cvelist

CVE-2020-25686

2021-01-20 16:47:17

CVE-2020-25684

2021-01-20 15:22:21

osv

CVE-2020-25686

2021-01-20 17:15:13

CVE-2020-25684

2021-01-20 16:15:14

dnsmasq - security update

2021-02-02 00:00:00

cve

CVE-2020-25686

2021-01-20 17:15:13

CVE-2020-25684

2021-01-20 16:15:14

nvd

CVE-2020-25686

2021-01-20 17:15:13

CVE-2020-25684

2021-01-20 16:15:14

prion

Design/Logic Flaw

2021-01-20 17:15:00

Design/Logic Flaw

2021-01-20 16:15:00

alpinelinux

CVE-2020-25686

2021-01-20 17:15:13

CVE-2020-25684

2021-01-20 16:15:14

debiancve

CVE-2020-25686

2021-01-20 17:15:13

CVE-2020-25684

2021-01-20 16:15:14

redhatcve

CVE-2020-25686

2021-01-19 12:18:42

CVE-2020-25684

2021-01-19 14:57:23

redhat

(RHSA-2021:0245) Moderate: dnsmasq security update

2021-01-25 14:51:18

(RHSA-2021:0153) Moderate: dnsmasq security update

2021-01-19 12:37:34

(RHSA-2021:0240) Moderate: dnsmasq security update

2021-01-25 14:03:53

thn

A Set of Severe Flaws Affect Popular DNSMasq DNS Forwarder

2021-01-19 12:01:00

openvas

Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2021-2134)

2021-07-07 00:00:00

QNAP QTS DNSpooq Vulnerabilities (QSA-21-09)

2021-07-01 00:00:00

CentOS: Security Advisory for dnsmasq (CESA-2021:0153)

2021-01-27 00:00:00

K98221124 : Multiple dnsmasq vulnerabilities CVE-2020-25684, CVE-2020-25685, and CVE-2020-25686

2021-03-30 00:00:00

nessus

Oracle Linux 7 : dnsmasq (ELSA-2021-0153)

2021-01-19 00:00:00

EulerOS Virtualization 3.0.2.2 : dnsmasq (EulerOS-SA-2021-2134)

2021-07-06 00:00:00

RHEL 7 : dnsmasq (RHSA-2021:0154)

2021-01-19 00:00:00

githubexploit

Exploit for CVE-2020-25684

2021-01-23 19:07:18

ibm

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities (CVE-2020-25684, CVE-2020-25685, CVE-2020-25686)

2021-08-04 17:40:31

arista

Security Advisory 0061

2021-01-19 00:00:00

amazon

Medium: dnsmasq

2021-01-25 23:09:00

oraclelinux

dnsmasq security update

2021-01-19 00:00:00

dnsmasq security update

2021-01-20 00:00:00

centos

dnsmasq security update

2021-01-25 14:08:58

gentoo

Dnsmasq: Multiple vulnerabilities

2021-01-22 00:00:00

altlinux

Security fix for the ALT Linux 10 package dnsmasq version 2.83-alt1

2021-01-22 00:00:00

debian

[SECURITY] [DSA 4844-1] dnsmasq security update

2021-02-04 07:37:12

[SECURITY] [DSA 4844-1] dnsmasq security update

2021-02-04 07:37:12

fedora

[SECURITY] Fedora 33 Update: dnsmasq-2.83-1.fc33

2021-01-21 01:47:44

[SECURITY] Fedora 32 Update: dnsmasq-2.84-1.fc32

2021-02-20 01:34:26

archlinux

[ASA-202101-38] dnsmasq: multiple issues

2021-01-20 00:00:00

openwrt

Security Advisory 2021-01-19-1 - dnsmasq multiple vulnerabilities (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687)

2021-01-19 00:00:00

freebsd

dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities

2020-09-16 00:00:00

mageia

Updated dnsmasq packages fix security vulnerability

2021-01-29 22:05:33

cert

Dnsmasq is vulnerable to memory corruption and cache poisoning

2021-01-19 00:00:00

cisco

Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021

2021-01-19 12:15:00

malwarebytes

DNSpooq bugs haunt dnsmasq

2021-01-21 15:56:12

suse

Security update for dnsmasq (important)

2021-01-20 00:00:00

Security update for dnsmasq (important)

2021-01-20 00:00:00

threatpost

DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

2021-01-19 21:25:10

slackware

[slackware-security] dnsmasq

2021-02-09 20:59:31

ubuntu

Dnsmasq regression

2021-02-24 00:00:00

Dnsmasq vulnerabilities

2021-01-19 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0312

2021-01-22 00:00:00

Important Photon OS Security Update - PHSA-2021-0312

2021-01-22 00:00:00

Important Photon OS Security Update - PHSA-2021-0356

2021-01-22 00:00:00

almalinux

Important: dnsmasq security update

2021-01-19 12:37:10

ics

dnsmasq by Simon Kelley (Update A)

2021-03-09 12:00:00

rosalinux

Advisory ROSA-SA-2021-1823

2021-07-02 16:38:26

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.005

Percentile

77.3%

JSON

Related for VERACODE:29040