Denial of Service : Dnsmasq < 2.66test2 DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.118155

Categoría: Denial of Service

Título: Dnsmasq < 2.66test2 DoS Vulnerability

Resumen: Dnsmasq is prone to a Denial of Service (DoS); vulnerability.

Descripción: Summary:
Dnsmasq is prone to a Denial of Service (DoS)
vulnerability.

Vulnerability Insight:
Dnsmasq, when used with certain libvirt configurations, replies
to queries from prohibited interfaces, which allows remote attackers to cause a denial of service
(traffic amplification) via spoofed TCP based DNS queries.

NOTE: This vulnerability exists because of an incomplete fix for CVE-2012-3411.

Affected Software/OS:
Dnsmasq prior to 2.66test2.

Solution:
Update to version 2.66test2 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-0198
MDVSA-2013:072
http://www.mandriva.com/security/advisories?name=MDVSA-2013:072
[oss-security] 20130118 CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue
http://www.openwall.com/lists/oss-security/2013/01/18/2
[oss-security] 20130118 Re: CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue
http://www.openwall.com/lists/oss-security/2013/01/18/7
http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6
https://bugzilla.redhat.com/show_bug.cgi?id=894486

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.118155
Categoría:	Denial of Service
Título:	Dnsmasq < 2.66test2 DoS Vulnerability
Resumen:	Dnsmasq is prone to a Denial of Service (DoS); vulnerability.
Descripción:	Summary: Dnsmasq is prone to a Denial of Service (DoS) vulnerability. Vulnerability Insight: Dnsmasq, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: This vulnerability exists because of an incomplete fix for CVE-2012-3411. Affected Software/OS: Dnsmasq prior to 2.66test2. Solution: Update to version 2.66test2 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0198 MDVSA-2013:072 http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 [oss-security] 20130118 CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue http://www.openwall.com/lists/oss-security/2013/01/18/2 [oss-security] 20130118 Re: CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue http://www.openwall.com/lists/oss-security/2013/01/18/7 http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6 https://bugzilla.redhat.com/show_bug.cgi?id=894486
Copyright	Copyright (C) 2021 Greenbone Networks GmbH