Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Thekelleys Subscribe
Filtered by product Dnsmasq

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-3411 2 Redhat, Thekelleys 4 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 1 more 2020-05-27 5.0 MEDIUM N/A
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
CVE-2013-0198 1 Thekelleys 1 Dnsmasq 2020-05-27 5.0 MEDIUM N/A
Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411.
CVE-2015-3294 2 Oracle, Thekelleys 2 Solaris, Dnsmasq 2018-10-09 6.4 MEDIUM N/A
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
CVE-2009-2957 1 Thekelleys 1 Dnsmasq 2017-09-19 6.8 MEDIUM N/A
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
CVE-2009-2958 1 Thekelleys 1 Dnsmasq 2017-09-19 4.3 MEDIUM N/A
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
CVE-2008-3214 1 Thekelleys 1 Dnsmasq 2017-08-08 7.8 HIGH N/A
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.