Filter by content: Additional information available. Sort by: Status Alphabetical. Expand all. Javascript is disabled. Click here to view vendors. Vendor Information We are not aware of further vendor information regarding this vulnerability. Vendor References. Arista Networks, Inc. AsusTek Computer Inc. Avaya, Inc. Belkin, Inc. D-Link Systems, Inc. F5 Networks, Inc. Motorola, Inc. Netgear, Inc. Red Hat, Inc.
Slackware Linux Inc. Sophos, Inc. TippingPoint Technologies Inc. Copy Results Download Results. Press ESC to close. Total number of vulnerabilities : 25 Page : 1 This Page. How does it work? Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
A flaw was found in dnsmasq in versions before 2. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. The highest threat from this vulnerability is to data integrity. A flaw was found in dnsmasq before version 2. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory.
This flaw is caused by the lack of length checks in rfc The highest threat from this vulnerability is to system availability. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of pending queries can be sent to upstream servers, so there can be at most queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq.
If chained with CVE, the attack complexity of a successful attack is reduced. When getting a reply from a forwarded query, dnsmasq checks in forward.
0コメント