Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2009-2958

Published: 02/09/2009 Updated: 19/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Thekelleys

Vulnerability Summary

The tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

thekelleys dnsmasq 2.45

thekelleys dnsmasq 2.44

thekelleys dnsmasq 2.40

thekelleys dnsmasq 2.39

thekelleys dnsmasq 2.29

thekelleys dnsmasq 2.28

thekelleys dnsmasq 2.19

thekelleys dnsmasq 2.18

thekelleys dnsmasq 2.43

thekelleys dnsmasq 2.42

thekelleys dnsmasq 2.38

thekelleys dnsmasq 2.37

thekelleys dnsmasq 2.36

thekelleys dnsmasq 2.27

thekelleys dnsmasq 2.26

thekelleys dnsmasq 2.17

thekelleys dnsmasq 2.16

thekelleys dnsmasq 2.9

thekelleys dnsmasq 2.8

thekelleys dnsmasq 2.7

thekelleys dnsmasq 2.0

thekelleys dnsmasq 1.18

thekelleys dnsmasq 1.11

thekelleys dnsmasq 1.10

thekelleys dnsmasq 1.2

thekelleys dnsmasq 1.0

thekelleys dnsmasq 0.6

thekelleys dnsmasq 0.5

thekelleys dnsmasq 2.11

thekelleys dnsmasq 2.10

thekelleys dnsmasq 2.2

thekelleys dnsmasq 2.1

thekelleys dnsmasq 1.13

thekelleys dnsmasq 1.12

thekelleys dnsmasq 1.5

thekelleys dnsmasq 1.4

thekelleys dnsmasq 1.3

thekelleys dnsmasq 0.95

thekelleys dnsmasq 0.7

thekelleys dnsmasq 2.47

thekelleys dnsmasq 2.46

thekelleys dnsmasq 2.22

thekelleys dnsmasq 2.25

thekelleys dnsmasq 2.31

thekelleys dnsmasq 2.30

thekelleys dnsmasq 2.21

thekelleys dnsmasq 2.20

thekelleys dnsmasq 2.13

thekelleys dnsmasq 2.12

thekelleys dnsmasq 2.4

thekelleys dnsmasq 2.3

thekelleys dnsmasq 1.15

thekelleys dnsmasq 1.14

thekelleys dnsmasq 1.7

thekelleys dnsmasq 1.6

thekelleys dnsmasq 0.98

thekelleys dnsmasq 0.96

thekelleys dnsmasq 2.48

thekelleys dnsmasq 2.41

thekelleys dnsmasq 2.35

thekelleys dnsmasq 2.34

thekelleys dnsmasq 2.33

thekelleys dnsmasq 2.24

thekelleys dnsmasq 2.23

thekelleys dnsmasq 2.15

thekelleys dnsmasq 2.14

thekelleys dnsmasq 2.6

thekelleys dnsmasq 2.5

thekelleys dnsmasq 1.17

thekelleys dnsmasq 1.16

thekelleys dnsmasq 1.9

thekelleys dnsmasq 1.8

thekelleys dnsmasq 0.996

thekelleys dnsmasq 0.992

thekelleys dnsmasq 0.4

thekelleys dnsmasq

Vendor Advisories

Ubuntu Security Notice: dnsmasq vulnerabilities
IvAin Arce, Pablo HernAin Jorge, Alejandro Pablo Rodriguez, MartA­n Coco, Alberto SoliAto Testa and Pablo Annetta discovered that Dnsmasq did not properly validate its input when processing TFTP requests for files with long names A remote attacker could cause a denial of service or execute arbitrary code with user privileges Dnsmasq runs as the ...
Debian Security Advisories: DSA-1876-1 dnsmasq -- buffer overflow
Several remote vulnerabilities have been discovered in the TFTP component of dnsmasq The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2957 A buffer overflow in TFTP processing may enable arbitrary code execution to attackers which are permitted to use the TFTP service CVE-2009-2958 Malicious TFTP ...

Exploits

Exploit DB: Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory wwwcoresecuritycom/corelabs/ Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server 1 *Advisory Information* Title: Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server Advisory ID: CORE-2009-0820 ...
Exploit DB: Core Security Technologies Advisory 2009.0820
Core Security Technologies Advisory - A vulnerability has been found in Dnsmasq that may allow an attacker to execute arbitrary code on servers or home routers running dnsmasq with the TFTP service enabled ...

References

CWE-399https://bugzilla.redhat.com/show_bug.cgi?id=519020http://www.thekelleys.org.uk/dnsmasq/CHANGELOGhttp://www.coresecurity.com/content/dnsmasq-vulnerabilitieshttp://www.securityfocus.com/bid/36120https://rhn.redhat.com/errata/RHSA-2010-0095.htmlhttp://secunia.com/advisories/36563http://www.redhat.com/support/errata/RHSA-2009-1238.htmlhttp://www.ubuntu.com/usn/USN-827-1https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9816https://usn.ubuntu.com/827-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/9617/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook