The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Dnsmasq

Dnsmasq: out-of-bounds memory reading via do_doctor
An attacker can force a read at an invalid address via do_doctor() of Dnsmasq, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-14513, DLA-1921-1, VIGILANCE-VUL-29933
Dnsmasq: denial of service via NSEC
An attacker can make Dnsmasq declare that a domain does not exist, because of an error in the signature check step, in order to trigger a denial of service...
bulletinjan2019, CVE-2017-15107, FEDORA-2018-9780220f7d, FEDORA-2018-fbe4017846, openSUSE-SU-2019:2669-1, SUSE-SU-2019:14190-1, SUSE-SU-2019:1721-1, SUSE-SU-2019:3188-1, SUSE-SU-2019:3189-1, VIGILANCE-VUL-25130
Dnsmasq: seven vulnerabilities
An attacker can use several vulnerabilities of Dnsmasq...
ARUBA-PSA-2017-005, CERTFR-2017-AVI-329, CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, DLA-1124-1, DSA-3989-1, FEDORA-2017-24f067299e, FEDORA-2017-515264ae24, openSUSE-SU-2017:2633-1, OSSN/OSSN-0082, RHSA-2017:2836-01, RHSA-2017:2837-01, RHSA-2017:2838-01, RHSA-2017:2839-01, RHSA-2017:2840-01, RHSA-2017:2841-01, SSA:2017-275-01, SUSE-SU-2017:2616-1, SUSE-SU-2017:2617-1, SUSE-SU-2017:2619-1, Synology-SA-17:59, USN-3430-1, USN-3430-2, USN-3430-3, VIGILANCE-VUL-24005, VU#973527
Dnsmasq: information disclosure via TFTP
A local attacker can read a memory fragment via a TFTP packet used by Dnsmasq, in order to obtain sensitive information...
VIGILANCE-VUL-22887
Dnsmasq: denial of service via requests for type AAAA
An attacker can send a request for an IPv6 address to Dnsmasq, in order to trigger a denial of service...
CVE-2015-8899, FEDORA-2016-6db1c9eb69, FEDORA-2016-da2f9c22b4, openSUSE-SU-2017:0016-1, SUSE-SU-2016:3199-1, SUSE-SU-2016:3269-1, SUSE-SU-2017:2616-1, SUSE-SU-2017:2617-1, SUSE-SU-2017:2619-1, USN-3009-1, VIGILANCE-VUL-19799
Dnsmasq: information disclosure via tcp_request
A local attacker can read a memory fragment of Dnsmasq, in order to obtain sensitive information; and maybe make the server halt...
bulletinjul2015, CVE-2015-3294, DSA-3251-1, DSA-3251-2, openSUSE-SU-2015:0857-1, OSI-1502, STORM-2015-09-EN, STORM-2015-10-EN, STORM-2015-11-EN.2, STORM-2015-12-EN, SUSE-SU-2017:2616-1, SUSE-SU-2017:2617-1, SUSE-SU-2017:2619-1, USN-2593-1, VIGILANCE-VUL-16649
Dnsmasq: listening on all interfaces via libvirt and TCP
When Dnsmasq is installed on a server using libvirt, Dnsmasq accepts TCP queries coming from all interfaces, so an attacker can for example create a distributed denial of service...
894486, BID-57458, CVE-2013-0198, FEDORA-2013-1320, FEDORA-2013-1357, MDVSA-2013:072, VIGILANCE-VUL-12340
Dnsmasq: listening on all interfaces via libvirt
When Dnsmasq is installed on a server using libvirt, Dnsmasq accepts queries coming from all interfaces, so an attacker can for example create a distributed denial of service...
833033, BID-54353, CVE-2012-3411, FEDORA-2012-12598, FEDORA-2012-20531, MDVSA-2013:072, RHSA-2013:0276-02, RHSA-2013:0277-02, RHSA-2013:0579-01, VIGILANCE-VUL-11750
Dnsmasq: vulnerabilities of TFTP
An attacker can use two vulnerabilities of Dnsmasq, in order to generate a denial of service or to execute code...
BID-36120, BID-36121, CERTA-2009-AVI-361, CORE-2009-0820, CVE-2009-2957, CVE-2009-2958, DSA-1876-1, FEDORA-2009-10252, FEDORA-2009-10285, RHSA-2009:1238-01, VIGILANCE-VUL-8985
DNS: cache poisoning
An attacker can predict DNS queries in order to poison the DNS client or cache (caching resolver)...
107064, 239392, 240048, 6702096, 7000912, 953230, BID-30131, c01506861, c01660723, CAU-EX-2008-0002, CAU-EX-2008-0003, CERTA-2002-AVI-189, CERTA-2002-AVI-200, cisco-sa-20080708-dns, CR102424, CR99135, CSCso81854, CVE-2008-1447, draft-ietf-dnsext-forgery-resilience-05, DSA-1544-2, DSA-1603-1, DSA-1604-1, DSA-1605-1, DSA-1617-1, DSA-1619-1, DSA-1619-2, DSA-1623-1, FEDORA-2008-6256, FEDORA-2008-6281, FEDORA-2009-1069, FreeBSD-SA-08:06.bind, HPSBMP02404, HPSBTU02358, HPSBUX02351, MDVSA-2008:139, MS08-037, NetBSD-SA2008-009, powerdns-advisory-2008-01, PSN-2008-06-040, RHSA-2008:0533-01, RHSA-2008:0789-01, SOL8938, SSA:2008-191-02, SSA:2008-205-01, SSRT080058, SSRT090014, SUSE-SA:2008:033, TA08-190B, TLSA-2008-26, VIGILANCE-VUL-7937, VMSA-2008-0014, VMSA-2008-0014.1, VMSA-2008-0014.2, VU#800113
Our database contains other pages. You can request a free trial to read them.

Display information about Dnsmasq: