New User, Welcome!     Login

dnsmasq

CORE-2009-0820 - Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server

Hash: SHA1

        Core Security Technologies - CoreLabs Advisory
            http://www.coresecurity.com/corelabs/

 Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server


1. *Advisory Information*

Title: Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server

[ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: dnsmasq: Denial of Service and DNS spoofing
      Date: September 04, 2008
      Bugs: #231282, #232523
        ID: 200809-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[ GLSA 200909-19 ] Dnsmasq: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Dnsmasq: Multiple vulnerabilities
      Date: September 20, 2009
      Bugs: #282653
        ID: 200909-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[USN-827-1] Dnsmasq vulnerabilities

===========================================================
Ubuntu Security Notice USN-827-1         September 01, 2009
dnsmasq vulnerabilities
CVE-2009-2957, CVE-2009-2958
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10

simple dns rebinding protection with dnsmasq

dnsmasq (http://www.thekelleys.org.uk/dnsmasq/doc.html) a popular DHCP
and DNS forwarder and cache server used on many DSL/Cable routers now
has a simple DNS Rebinding protection mechanism. When executed with the
--stop-dns-rebind option the DNS resolver in dnsmasq will filter out
private IP addresses (127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8,
172.16.0.0/12 and 169.254.0.0/16). This should be sufficient for most
private/home users.

Feedback welcome.

[SECURITY] [DSA 1876-1] New dnsmasq packages fix remote code execution

Debian Security Advisory DSA-1876-1                  security@debian.org
http://www.debian.org/security/                           Florian Weimer
September 01, 2009                    http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : dnsmasq
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-2957 CVE-2009-2958

[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning

Debian Security Advisory DSA-1623-1                  security@debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
July 31, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : dnsmasq
Vulnerability  : DNS cache poisoning
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-1447

[USN-627-1] Dnsmasq vulnerability

=========================================================== 
Ubuntu Security Notice USN-627-1              July 22, 2008
dnsmasq vulnerability
CVE-2008-1447
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!