Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thekelleys dnsmasq vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Thekelleys Dnsmasq
445
VMScore
CVE-2017-13704
In dnsmasq prior to 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq c...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Novell Leap 42.2
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Fedoraproject Fedora 27
Novell Leap 42.3
Thekelleys Dnsmasq
445
VMScore
CVE-2015-8899
Dnsmasq prior to 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Thekelleys Dnsmasq
445
VMScore
CVE-2013-0198
Dnsmasq prior to 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote malicious users to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists be...
Thekelleys Dnsmasq
445
VMScore
CVE-2012-3411
Dnsmasq prior to 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote malicious users to cause a denial of service (traffic amplification) via a spoofed DNS query.
Thekelleys Dnsmasq
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
445
VMScore
CVE-2005-0877
Dnsmasq prior to 2.21 allows remote malicious users to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Thekelleys Dnsmasq
435
VMScore
CVE-2017-14494
dnsmasq prior to 2.78, when configured as a relay, allows remote malicious users to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 7.1
Novell Leap 42.2
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Novell Leap 42.3
Thekelleys Dnsmasq
1 EDB exploit
435
VMScore
CVE-2009-2958
The tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
Thekelleys Dnsmasq 2.45
Thekelleys Dnsmasq 2.44
Thekelleys Dnsmasq 2.40
Thekelleys Dnsmasq 2.39
Thekelleys Dnsmasq 2.29
Thekelleys Dnsmasq 2.28
Thekelleys Dnsmasq 2.19
Thekelleys Dnsmasq 2.18
Thekelleys Dnsmasq 2.43
Thekelleys Dnsmasq 2.42
Thekelleys Dnsmasq 2.38
Thekelleys Dnsmasq 2.37
Thekelleys Dnsmasq 2.36
Thekelleys Dnsmasq 2.27
Thekelleys Dnsmasq 2.26
Thekelleys Dnsmasq 2.17
Thekelleys Dnsmasq 2.16
Thekelleys Dnsmasq 2.9
Thekelleys Dnsmasq 2.8
Thekelleys Dnsmasq 2.7
Thekelleys Dnsmasq 2.0
Thekelleys Dnsmasq 1.18
1 EDB exploit
384
VMScore
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 ...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
384
VMScore
CVE-2020-25684
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the ex...
Thekelleys Dnsmasq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Arista Eos
2 Github repositories
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »