Lucene search
RedhatCVELIST:CVE-2020-14312HistoryFeb 05, 2021 - 11:16 p.m.
CVE-2020-14312
2021-02-0523:16:33
CWE-284
redhat
www.cve.org
1
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.
CNA Affected
[
{
"product": "dnsmasq",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fedora version prior to 31"
},
{
"status": "affected",
"version": "all RHEL versions"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2020-14312
2021-02-06 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1678)
2024-05-17 00:00:00
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2022-2760)
2022-11-14 00:00:00
Fedora: Security Advisory for dnsmasq (FEDORA-2020-54760174b6)
2020-10-06 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.6.0 : dnsmasq (EulerOS-SA-2024-1678)
2024-05-17 00:00:00
EulerOS Virtualization 2.9.1 : dnsmasq (EulerOS-SA-2023-1189)
2023-01-11 00:00:00
EulerOS Virtualization 2.9.0 : dnsmasq (EulerOS-SA-2023-1219)
2023-01-10 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: dnsmasq-2.81-5.fc32
2020-10-17 14:09:19
[SECURITY] Fedora 33 Update: dnsmasq-2.82-3.fc33
2020-10-06 00:16:54
[SECURITY] Fedora 32 Update: dnsmasq-2.81-4.fc32
2020-07-21 01:03:33
cve
cve
CVE-2020-14312
2021-02-06 00:15:12
mageia
mageia
Updated dnsmasq packages fix security vulnerability
2020-08-01 02:25:42
redhatcve
redhatcve
CVE-2020-14312
2020-06-30 09:51:13
nvd
nvd
CVE-2020-14312
2021-02-06 00:15:12
prion
prion
Default configuration
2021-02-06 00:15:00
debiancve
debiancve
CVE-2020-14312
2021-02-06 00:15:12
amazon
amazon
Medium: dnsmasq
2020-07-31 19:20:00
suse
suse
Security update for dnsmasq (moderate)
2021-10-31 00:00:00
Security update for dnsmasq (moderate)
2021-10-27 00:00:00