CVE-2017-14491
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.303 Low
EPSS
Percentile
97.0%
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| thekelleys:dnsmasq | thekelleys dnsmasq | le | 2.77 |
References
lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
nvidia.custhelp.com/app/answers/detail/a_id/4560
nvidia.custhelp.com/app/answers/detail/a_id/4561
packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html
thekelleys.org.uk/dnsmasq/CHANGELOG
thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
www.debian.org/security/2017/dsa-3989
www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en
www.securityfocus.com/bid/101085
www.securityfocus.com/bid/101977
www.securitytracker.com/id/1039474
www.ubuntu.com/usn/USN-3430-1
www.ubuntu.com/usn/USN-3430-2
www.ubuntu.com/usn/USN-3430-3
access.redhat.com/errata/RHSA-2017:2836
access.redhat.com/errata/RHSA-2017:2837
access.redhat.com/errata/RHSA-2017:2838
access.redhat.com/errata/RHSA-2017:2839
access.redhat.com/errata/RHSA-2017:2840
access.redhat.com/errata/RHSA-2017:2841
access.redhat.com/security/vulnerabilities/3199382
cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/
security.gentoo.org/glsa/201710-27
security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30
www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449
www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/
www.debian.org/security/2017/dsa-3989
www.exploit-db.com/exploits/42941/
www.kb.cert.org/vuls/id/973527
www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
Social References
More
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.303 Low
EPSS
Percentile
97.0%