A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2021-02-05T23:16:33
Updated: 2024-08-04T12:39:36.268Z
Reserved: 2020-06-17T00:00:00
Link: CVE-2020-14312
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-02-06T00:15:12.437
Modified: 2022-07-25T11:19:32.100
Link: CVE-2020-14312
Redhat