ALT-PU-2015-1664-1
Closed vulnerabilities
Published: 2015-04-07
BDU:2015-10027
Уязвимость DNS-сервера Dnsmasq, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.3)
References:
Published: 2015-05-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3294
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
Severity: MEDIUM (6.4)
References:
- openSUSE-SU-2015:0857
- openSUSE-SU-2015:0857
- [Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability
- [Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability
- [Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability
- [Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability
- http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8
- http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8
- DSA-3251
- DSA-3251
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- 20150423 Dnsmasq 2.72 Unchecked returned value
- 20150423 Dnsmasq 2.72 Unchecked returned value
- 74452
- 74452
- 1032195
- 1032195
- USN-2593-1
- USN-2593-1
- GLSA-201512-01
- GLSA-201512-01