ALT-PU-2018-1599-2
Closed vulnerabilities
Published: 2026-02-09
BDU:2026-01424
Уязвимость DNS-сервера Dnsmasq, связанная с ошибками реализации проверки безопасности для стандартных элементов, позволяющая нарушителю оказать воздействие на целостность данных
Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
References:
Published: 2018-01-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Severity: HIGH (7.5)Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
- http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00027.html
- http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q1/011896.html
- http://www.securityfocus.com/bid/102812
- http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00027.html
- http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q1/011896.html
- http://www.securityfocus.com/bid/102812