5
CVSSv2

CVE-2017-13704

Published: 03/10/2017 Updated: 11/05/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In dnsmasq prior to 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 17.04

debian debian linux 7.0

debian debian linux 7.1

debian debian linux 9.0

fedoraproject fedora 27

novell leap 42.2

novell leap 42.3

redhat enterprise linux desktop 7.0

redhat enterprise linux server 7.0

redhat enterprise linux workstation 7.0

thekelleys dnsmasq

Vendor Advisories

Debian Bug report logs - #877102 dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query Package: src:dnsmasq; Maintainer for src:dnsmasq is Simon Kelley <simon@thekelleysorguk>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 28 Sep 2017 18:39:02 UTC Severity: grave Tags: fixed-upstre ...
An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the DNS code An attacker could send crafted DNS packets to dnsmasq which would cause it to crash ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # SSA-689071: DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 Publication Date: 2017-11-17 Last Update: 2020-10-13 Current Version: 13 CVSS v31 Base Score: 81 SUMMARY ======= Multiple vulnerabilities have been identified in SC ...
Summary An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the DNS code An attacker could send crafted DNS packets to dnsmasq which would cause it to crash Affected Products No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability Workaround There are no wo ...
Oracle Solaris Third Party Bulletin - October 2017 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critic ...

Recent Articles

Google Warns of DoS and RCE Bugs in Dnsmasq
Threatpost • Tom Spring • 03 Oct 2017

Seven flaws in what is known as Dnsmasq can be exploited by attackers who can use the bugs to carry out remote code execution, information exposure or a denial of service attacks against affected devices.
Google researchers identified the flaws in a research paper published Monday, the same day a patch for affected hardware arrived. Google also published proof-of-concept code to demonstrate the flaws and is urging hardware vendors to deploy patches as soon as possible.
Dnsmasq is o...