Lucene search
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-2618-1.NASLHistoryOct 03, 2017 - 12:00 a.m.
SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2017:2618-1)
2017-10-0300:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.923 High
EPSS
Percentile
99.0%
This update for dnsmasq fixes the following security issues :
-
CVE-2017-14491: 2 byte heap based overflow.
[bsc#1060354] -
CVE-2017-14492: heap based overflow. [bsc#1060355]
-
CVE-2017-14493: stack based overflow. [bsc#1060360]
-
CVE-2017-14494: DHCP - info leak. [bsc#1060361]
-
CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
-
CVE-2017-14496: DNS - DoS Integer underflow.
[bsc#1060364]
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:2618-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(103639);
script_version("3.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2017-14491", "CVE-2017-14492", "CVE-2017-14493", "CVE-2017-14494", "CVE-2017-14495", "CVE-2017-14496");
script_xref(name:"IAVA", value:"2017-A-0284-S");
script_name(english:"SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2017:2618-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for dnsmasq fixes the following security issues :
- CVE-2017-14491: 2 byte heap based overflow.
[bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow.
[bsc#1060364]
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060354"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060355"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060360"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060361"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060362"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1060364"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14491/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14492/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14493/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14494/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14495/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-14496/"
);
# https://www.suse.com/support/update/announcement/2017/suse-su-20172618-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?bff40da5"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE OpenStack Cloud 7:zypper in -t patch
SUSE-OpenStack-Cloud-7-2017-1615=1
SUSE OpenStack Cloud 6:zypper in -t patch
SUSE-OpenStack-Cloud-6-2017-1615=1
SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch
SUSE-SLE-SAP-12-SP1-2017-1615=1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
patch SUSE-SLE-RPI-12-SP2-2017-1615=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2017-1615=1
SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2017-1615=1
SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-SP1-2017-1615=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP3-2017-1615=1
SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP2-2017-1615=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dnsmasq");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dnsmasq-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dnsmasq-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/03");
script_set_attribute(attribute:"patch_publication_date", value:"2017/10/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/03");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(1|2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1/2/3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2/3", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"1", reference:"dnsmasq-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"dnsmasq-debuginfo-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"dnsmasq-debugsource-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"dnsmasq-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"dnsmasq-debuginfo-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"dnsmasq-debugsource-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"dnsmasq-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"dnsmasq-debuginfo-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"dnsmasq-debugsource-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"dnsmasq-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"dnsmasq-debuginfo-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"dnsmasq-debugsource-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"dnsmasq-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"dnsmasq-debuginfo-2.78-18.3.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"dnsmasq-debugsource-2.78-18.3.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dnsmasq");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | dnsmasq | p-cpe:/a:novell:suse_linux:dnsmasq |
| novell | suse_linux | dnsmasq-debuginfo | p-cpe:/a:novell:suse_linux:dnsmasq-debuginfo |
| novell | suse_linux | dnsmasq-debugsource | p-cpe:/a:novell:suse_linux:dnsmasq-debugsource |
| novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496
www.nessus.org/u?bff40da5
bugzilla.suse.com/show_bug.cgi?id=1060354
bugzilla.suse.com/show_bug.cgi?id=1060355
bugzilla.suse.com/show_bug.cgi?id=1060360
bugzilla.suse.com/show_bug.cgi?id=1060361
bugzilla.suse.com/show_bug.cgi?id=1060362
bugzilla.suse.com/show_bug.cgi?id=1060364
www.suse.com/security/cve/CVE-2017-14491/
www.suse.com/security/cve/CVE-2017-14492/
www.suse.com/security/cve/CVE-2017-14493/
www.suse.com/security/cve/CVE-2017-14494/
www.suse.com/security/cve/CVE-2017-14495/
www.suse.com/security/cve/CVE-2017-14496/
Related
suse
suse
Security update for dnsmasq (important)
2017-10-03 03:07:14
Security update for dnsmasq (important)
2017-10-02 21:09:17
Security update for dnsmasq (important)
2017-10-02 21:07:18
openvas
openvas
CentOS Update for dnsmasq CESA-2017:2836 centos7
2017-10-05 00:00:00
Fedora Update for dnsmasq FEDORA-2017-24f067299e
2017-10-07 00:00:00
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2019-1380)
2020-01-23 00:00:00
centos
centos
dnsmasq security update
2017-10-03 00:04:45
dnsmasq security update
2017-10-02 23:34:13
nessus
nessus
Debian DSA-3989-1 : dnsmasq - security update
2017-10-03 00:00:00
Fedora 27 : dnsmasq (2017-7106a157f5)
2018-01-15 00:00:00
openSUSE Security Update : dnsmasq (openSUSE-2017-1116)
2017-10-03 00:00:00
ubuntu
ubuntu
Dnsmasq regression
2018-01-04 00:00:00
Dnsmasq vulnerabilities
2017-10-02 00:00:00
Dnsmasq vulnerabilities
2017-10-03 00:00:00
oraclelinux
oraclelinux
dnsmasq security update
2017-10-02 00:00:00
dnsmasq security update
2017-10-02 00:00:00
dnsmasq security update
2017-10-03 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: dnsmasq-2.77-9.fc27
2017-10-24 05:30:01
[SECURITY] Fedora 25 Update: dnsmasq-2.76-4.fc25
2017-10-23 22:52:39
[SECURITY] Fedora 26 Update: dnsmasq-2.76-5.fc26
2017-10-06 15:22:33
amazon
amazon
Critical: dnsmasq
2017-10-02 17:05:00
Critical: dnsmasq
2019-07-18 18:22:00
gentoo
gentoo
Dnsmasq: Multiple vulnerabilities
2017-10-23 00:00:00
archlinux
archlinux
[ASA-201710-1] dnsmasq: multiple issues
2017-10-02 00:00:00
debian
debian
[SECURITY] [DSA 3989-1] dnsmasq security update
2017-10-02 18:30:02
[SECURITY] [DSA 3989-1] dnsmasq security update
2017-10-02 18:30:02
[SECURITY] [DLA 1124-1] dnsmasq security update
2017-10-06 14:42:23
redhat
redhat
(RHSA-2017:2836) Critical: dnsmasq security update
2017-10-02 13:34:30
(RHSA-2017:2837) Critical: dnsmasq security update
2017-10-02 13:34:44
(RHSA-2017:2839) Critical: dnsmasq security update
2017-10-02 13:35:14
mageia
mageia
Updated dnsmasq packages fix security vulnerabilities
2017-10-09 12:51:10
Updated dnsmasq packages fix security vulnerabilities
2017-10-09 12:51:10
cert
cert
Dnsmasq contains multiple vulnerabilities
2017-10-02 00:00:00
arista
arista
Security Advisory 0030
2017-10-02 00:00:00
f5
f5
K32582354 : Multiple dnsmasq vulnerabilities
2017-10-05 00:00:00
slackware
slackware
[slackware-security] dnsmasq
2017-10-02 18:43:20
ibm
ibm
huawei
huawei
Security Advisory - Seven vulnerabilities in Google Dnsmasq
2017-11-03 00:00:00
myhack58
myhack58
altlinux
altlinux
Security fix for the ALT Linux 10 package dnsmasq version 2.78-alt1
2017-10-06 00:00:00
thn
thn
Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software
2017-10-02 23:44:00
freebsd
freebsd
dnsmasq -- multiple vulnerabilities
2017-10-02 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0074
2017-10-04 00:00:00
threatpost
threatpost
Google Warns of DoS and RCE Bugs in Dnsmasq
2017-10-03 13:16:06
osv
osv
dnsmasq - security update
2017-10-02 00:00:00
dnsmasq - security update
2017-10-06 00:00:00
CVE-2017-14495
2017-10-03 01:29:02
redhatcve
redhatcve
ics
ics
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
2020-10-13 12:00:00
checkpoint_advisories
checkpoint_advisories
Dnsmasq Lack of Free Denial of Service (CVE-2017-14495)
2017-10-03 00:00:00
Dnsmasq Integer Underflow Denial Of Service (CVE-2017-14496)
2017-10-03 00:00:00
nvd
nvd
prion
prion
Stack overflow
2017-10-03 01:29:00
Memory corruption
2017-10-03 01:29:00
Information disclosure
2017-10-03 01:29:00
packetstorm
packetstorm
Dnsmasq Stack-Based Overflow
2017-10-02 00:00:00
Dnsmasq Integer Underflow
2017-10-02 00:00:00
Dnsmasq Lack Of Free() Denial Of Service
2017-10-02 00:00:00
cvelist
cvelist
debiancve
debiancve
exploitpack
exploitpack
Dnsmasq 2.78 - Heap Overflow
2017-10-02 00:00:00
Dnsmasq 2.78 - Lack of free() Denial of Service
2017-10-02 00:00:00
Dnsmasq 2.78 - Integer Underflow
2017-10-02 00:00:00
zdt
zdt
Dnsmasq < 2.78 - Stack-Based Overflow Exploit
2017-10-02 00:00:00
Dnsmasq < 2.78 - Lack of free() Denial of Service Exploit
2017-10-02 00:00:00
Dnsmasq < 2.78 - Heap-Based Overflow Exploit
2017-10-02 00:00:00
seebug
seebug
Dnsmasq DoS Vulnerability(CVE-2017-14496)
2017-10-09 00:00:00
Dnsmasq DoS Vulnerability(CVE-2017-14495)
2017-10-09 00:00:00
Dnsmasq Heap based overflow(CVE-2017-14492)
2017-10-09 00:00:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Denial Of Service (DoS)
2019-05-16 01:47:46
Information Disclosure
2019-05-02 06:37:12
Arbitrary Code Execution
2019-05-02 06:37:12
alpinelinux
alpinelinux
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.923 High
EPSS
Percentile
99.0%
Related for SUSE_SU-2017-2618-1.NASL