CVE-2017-13704HIGH
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
References
http://thekelleys.org.uk/dnsmasq/CHANGELOG
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928
http://www.securityfocus.com/bid/101085
http://www.securityfocus.com/bid/101977
http://www.securitytracker.com/id/1039474
https://access.redhat.com/security/vulnerabilities/3199382
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
https://www.mail-archive.com/[email protected]/msg11664.html
https://www.mail-archive.com/[email protected]/msg11665.html
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
Details
Source: MITRE
Published: 2017-10-03
Updated: 2018-05-11
Type: CWE-20
Risk Information
CVSS v2
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
CVSS v3
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 3.9
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*
cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:* versions up to 2.77 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 123860 | EulerOS Virtualization 2.5.3 : dnsmasq (EulerOS-SA-2019-1174) | Nessus | Huawei Local Security Checks | high |
| 111887 | Photon OS 1.0: Binutils / C / Dnsmasq / Git / Gnutls / Krb5 / Linux / Mercurial / Mesos / Nginx PHSA-2017-0038 (deprecated) | Nessus | PhotonOS Local Security Checks | high |
| 109037 | pfSense < 2.3.5 Multiple Vulnerabilities (KRACK) | Nessus | Firewalls | critical |
| 105837 | Fedora 27 : dnsmasq (2017-274d763ed8) | Nessus | Fedora Local Security Checks | high |
| 103647 | dnsmasq < 2.78 Multiple Remote Vulnerabilities | Nessus | DNS | critical |
| 103620 | FreeBSD : dnsmasq -- multiple vulnerabilities (b77b5646-a778-11e7-ac58-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | critical |
| 103599 | Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : dnsmasq (SSA:2017-275-01) | Nessus | Slackware Local Security Checks | critical |