Lucene search
Veracode Vulnerability DatabaseVERACODE:29221HistoryFeb 03, 2021 - 4:30 a.m.
DNS Cache Poisoning
2021-02-0304:30:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
apport
dns cache poisoning
dnsmasq
reply query handling
network attack
rfc5452
software vulnerability
EPSS
0.001
Percentile
18.5%
apport is vulnerable to DNS cache poisoning. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query() if the reply destination address/port is one of those used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies the attributes of a query that all must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack.
Related
ubuntucve
ubuntucve
CVE-2021-25684
2021-02-02 00:00:00
cve
cve
CVE-2021-25684
2021-06-11 03:15:06
cnvd
cnvd
Apport Input Validation Error Vulnerability (CNVD-2021-54400)
2021-07-21 00:00:00
prion
prion
Design/Logic Flaw
2021-06-11 03:15:00
nvd
nvd
CVE-2021-25684
2021-06-11 03:15:06
cvelist
cvelist
CVE-2021-25684 apport can be stalled by reading a FIFO
2021-06-11 02:20:20
ubuntu
ubuntu
Apport vulnerabilities
2021-02-02 00:00:00
Apport vulnerabilities
2021-02-03 00:00:00
osv
osv
apport vulnerabilities
2021-02-03 13:20:03
apport vulnerabilities
2021-02-02 18:06:56
openvas
openvas
Ubuntu: Security Advisory (USN-4720-2)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-4720-1)
2021-02-03 00:00:00
nessus
nessus