Dnsmasq prior to 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote malicious users to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thekelleys dnsmasq |