Filtered by vendor Thekelleys Subscriptions
Filtered by product Dnsmasq Subscriptions
Total 37 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-45956 1 Thekelleys 1 Dnsmasq 2024-10-28 9.8 Critical
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.
CVE-2023-49441 1 Thekelleys 1 Dnsmasq 2024-10-10 7.5 High
dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.
CVE-2005-0877 1 Thekelleys 1 Dnsmasq 2024-08-07 7.5 High
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
CVE-2008-3214 1 Thekelleys 1 Dnsmasq 2024-08-07 N/A
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
CVE-2009-2957 2 Redhat, Thekelleys 2 Enterprise Linux, Dnsmasq 2024-08-07 N/A
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
CVE-2009-2958 2 Redhat, Thekelleys 2 Enterprise Linux, Dnsmasq 2024-08-07 N/A
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
CVE-2012-3411 2 Redhat, Thekelleys 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 3 more 2024-08-06 N/A
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
CVE-2013-0198 1 Thekelleys 1 Dnsmasq 2024-08-06 N/A
Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411.
CVE-2015-8899 2 Canonical, Thekelleys 2 Ubuntu Linux, Dnsmasq 2024-08-06 N/A
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
CVE-2015-3294 2 Oracle, Thekelleys 2 Solaris, Dnsmasq 2024-08-06 N/A
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
CVE-2017-15107 1 Thekelleys 1 Dnsmasq 2024-08-05 N/A
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
CVE-2017-14492 5 Canonical, Debian, Novell and 2 more 9 Ubuntu Linux, Debian Linux, Leap and 6 more 2024-08-05 N/A
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
CVE-2017-14495 5 Canonical, Debian, Novell and 2 more 8 Ubuntu Linux, Debian Linux, Leap and 5 more 2024-08-05 N/A
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
CVE-2017-14496 6 Canonical, Debian, Google and 3 more 9 Ubuntu Linux, Debian Linux, Android and 6 more 2024-08-05 N/A
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
CVE-2017-14491 13 Arista, Arubanetworks, Canonical and 10 more 35 Eos, Arubaos, Ubuntu Linux and 32 more 2024-08-05 9.8 Critical
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2017-14494 5 Canonical, Debian, Novell and 2 more 9 Ubuntu Linux, Debian Linux, Leap and 6 more 2024-08-05 N/A
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
CVE-2017-14493 5 Canonical, Debian, Opensuse and 2 more 9 Ubuntu Linux, Debian Linux, Leap and 6 more 2024-08-05 N/A
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVE-2017-13704 6 Canonical, Debian, Fedoraproject and 3 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-08-05 N/A
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
CVE-2019-14834 3 Fedoraproject, Redhat, Thekelleys 3 Fedora, Enterprise Linux, Dnsmasq 2024-08-05 3.7 Low
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
CVE-2019-14513 3 Debian, Redhat, Thekelleys 3 Debian Linux, Enterprise Linux, Dnsmasq 2024-08-05 7.5 High
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.