Scientific Linux Security Update : dnsmasq on SL7.x x86_64

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- A heap buffer overflow was found in dnsmasq in the code
responsible for building DNS replies. An attacker could
send crafted DNS packets to dnsmasq which would cause it
to crash or, potentially, execute arbitrary code.
(CVE-2017-14491)

- A heap buffer overflow was discovered in dnsmasq in the
IPv6 router advertisement (RA) handling code. An
attacker on the local network segment could send crafted
RAs to dnsmasq which would cause it to crash or,
potentially, execute arbitrary code. This issue only
affected configurations using one of these options:
enable-ra, ra-only, slaac, ra-names, ra-advrouter, or
ra-stateless. (CVE-2017-14492)

- A stack-based buffer overflow was found in dnsmasq in
the DHCPv6 code. An attacker on the local network could
send a crafted DHCPv6 request to dnsmasq which would
cause it to crash or, potentially, execute arbitrary
code. (CVE-2017-14493)

- An information leak was found in dnsmasq in the DHCPv6
relay code. An attacker on the local network could send
crafted DHCPv6 packets to dnsmasq causing it to forward
the contents of process memory, potentially leaking
sensitive data. (CVE-2017-14494)

- A memory exhaustion flaw was found in dnsmasq in the
EDNS0 code. An attacker could send crafted DNS packets
which would trigger memory allocations which would never
be freed, leading to unbounded memory consumption and
eventually a crash. This issue only affected
configurations using one of the options: add-mac,
add-cpe-id, or add-subnet. (CVE-2017-14495)

- An integer underflow flaw leading to a buffer over-read
was found in dnsmasq in the EDNS0 code. An attacker
could send crafted DNS packets to dnsmasq which would
cause it to crash. This issue only affected
configurations using one of the options: add-mac,
add-cpe-id, or add-subnet. (CVE-2017-14496)

See also :

http://www.nessus.org/u?98c2525b

Solution :

Update the affected dnsmasq, dnsmasq-debuginfo and / or dnsmasq-utils
packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 103635

Bugtraq ID:

CVE ID: CVE-2017-14491
CVE-2017-14492
CVE-2017-14493
CVE-2017-14494
CVE-2017-14495
CVE-2017-14496
