Lucene search
Veracode Vulnerability DatabaseVERACODE:29939HistoryApr 09, 2021 - 4:10 a.m.
DNS Cache Poisoning
2021-04-0904:10:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
0.002 Low
EPSS
Percentile
60.7%
dnsmasq is vulnerable to DNS cache poisoning. The vulnerability exists as dnsmasq uses a fixed port while forwarding queries, allowing to easily forge a reply with the same transmission ID to get accepted by dnsmasq.
References
bugzilla.redhat.com/show_bug.cgi?id=1939368
lists.fedoraproject.org/archives/list/[email protected]/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/
lists.fedoraproject.org/archives/list/[email protected]/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/
lists.fedoraproject.org/archives/list/[email protected]/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/
security-tracker.debian.org/tracker/CVE-2021-3448
security.gentoo.org/glsa/202105-20
www.oracle.com/security-alerts/cpujan2022.html
Related
fedora
fedora
[SECURITY] Fedora 33 Update: dnsmasq-2.85-1.fc33
2021-04-23 19:02:10
[SECURITY] Fedora 34 Update: dnsmasq-2.85-1.fc34
2021-04-24 20:22:41
[SECURITY] Fedora 32 Update: dnsmasq-2.85-1.fc32
2021-04-24 18:23:55
nessus
nessus
EulerOS Virtualization 2.9.1 : dnsmasq (EulerOS-SA-2021-2189)
2021-07-13 00:00:00
EulerOS 2.0 SP8 : dnsmasq (EulerOS-SA-2021-2458)
2021-09-24 00:00:00
Rocky Linux 8 : dnsmasq (RLSA-2021:4153)
2023-11-06 00:00:00
redhat
redhat
(RHSA-2021:4153) Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
ubuntu
ubuntu
Dnsmasq vulnerability
2022-09-07 00:00:00
Dnsmasq vulnerability
2021-06-02 00:00:00
photon
photon
cvelist
cvelist
CVE-2021-3448
2021-04-08 22:06:45
altlinux
altlinux
Security fix for the ALT Linux 9 package dnsmasq version 2.85-alt1
2021-04-12 00:00:00
Security fix for the ALT Linux 10 package dnsmasq version 2.85-alt1
2021-04-09 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0231)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4976-2)
2022-09-16 00:00:00
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2021-2458)
2021-09-24 00:00:00
osv
osv
Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
CVE-2021-3448
2021-04-08 23:15:00
almalinux
almalinux
Moderate: dnsmasq security and bug fix update
2021-11-09 08:24:48
oraclelinux
oraclelinux
dnsmasq security and bug fix update
2021-11-16 00:00:00
mageia
mageia
Updated dnsmasq packages fix a security vulnerability
2021-06-08 17:33:02
slackware
slackware
[slackware-security] dnsmasq
2021-04-12 20:29:49
cbl_mariner
cbl_mariner
CVE-2021-3448 affecting package dnsmasq 2.84-1
2021-05-06 23:56:42
nvd
nvd
CVE-2021-3448
2021-04-08 23:15:12
prion
prion
Design/Logic Flaw
2021-04-08 23:15:00
gentoo
gentoo
Dnsmasq: DNS cache poisoning
2021-05-26 00:00:00
freebsd
freebsd
dnsmasq -- cache poisoning vulnerability in certain configurations
2021-03-17 00:00:00
alpinelinux
alpinelinux
CVE-2021-3448
2021-04-08 23:15:12
ubuntucve
ubuntucve
CVE-2021-3448
2021-04-08 00:00:00
cve
cve
CVE-2021-3448
2021-04-08 23:15:12
debiancve
debiancve
CVE-2021-3448
2021-04-08 23:15:12
rocky
rocky
dnsmasq security and bug fix update
2021-11-09 08:24:48
redhatcve
redhatcve
CVE-2021-3448
2021-03-17 11:03:59
suse
suse
Security update for dnsmasq (moderate)
2021-10-31 00:00:00
Security update for dnsmasq (moderate)
2021-10-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1823
2021-07-02 16:38:26
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00