Lucene search

K

Veracode Vulnerability DatabaseVERACODE:18346

HistoryMay 02, 2019 - 6:37 a.m.

Information Disclosure

2019-05-0206:37:12

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5

0.017 Low

EPSS

Percentile

87.7%

dnsmasq is vulnerable to information disclosure. The vulnerability is in the DHCPv6 relay code in dnsmasq. Remote attackers could obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

CPENameOperatorVersion
dnsmasqeq2.66__13.el7_1
dnsmasqeq2.66__10.el7
dnsmasqeq2.66__14.el7_1
dnsmasqeq2.66__21.el7
dnsmasq:3.4eq2.76-r0
dnsmasq:3.3eq2.76-r0
dnsmasqeq2.66__13.el7_1
dnsmasqeq2.66__10.el7
dnsmasqeq2.66__14.el7_1
dnsmasqeq2.66__21.el7

Rows per page:

1-10 of 121

References

lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

nvidia.custhelp.com/app/answers/detail/a_id/4561

thekelleys.org.uk/dnsmasq/CHANGELOG

thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=33e3f1029c9ec6c63e430ff51063a6301d4b2262

www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

www.debian.org/security/2017/dsa-3989

www.securityfocus.com/bid/101085

www.securitytracker.com/id/1039474

www.ubuntu.com/usn/USN-3430-1

www.ubuntu.com/usn/USN-3430-2

access.redhat.com/errata/RHSA-2017:2836

access.redhat.com/errata/RHSA-2017:2837

access.redhat.com/security/updates/classification/#critical

access.redhat.com/security/vulnerabilities/3199382

security.gentoo.org/glsa/201710-27

security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

www.exploit-db.com/exploits/42944/

www.kb.cert.org/vuls/id/973527

www.mail-archive.com/[email protected]/msg11664.html

www.mail-archive.com/[email protected]/msg11665.html

www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

0.017 Low

EPSS

Percentile

87.7%