dnsmasq < 2.78 Multiple Remote Vulnerabilities

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote DNS / DHCP service is affected by multiple vulnerabilities.

Description :

The version of dnsmasq installed on the remote host is prior to 2.78,
and thus, is affected by the following vulnerabilities :

- Denial of service related to handling DNS queries
exceeding 512 bytes. (CVE-2017-13704)

- Heap overflow related to handling DNS requests. (CVE-2017-14491)

- Heap overflow related to IPv6 router advertisement handling.
(CVE-2017-14492)

- Stack overflow related to DHCPv6 request handling.
(CVE-2017-14493)

- Memory disclosure related to DHCPv6 packet handling.
(CVE-2017-14494)

- Denial of service related to handling DNS queries.
(CVE-2017-14495)

- Denial of service related to handling DNS queries.
(CVE-2017-14496)

See also :

http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
http://www.nessus.org/u?1684fac7
http://www.nessus.org/u?2aa30bbb
http://www.nessus.org/u?4e408fdc
http://www.nessus.org/u?e3cd1c58
http://www.nessus.org/u?d610ee71
http://www.nessus.org/u?90a10783
http://www.nessus.org/u?32875869
http://www.nessus.org/u?dfdf89ab
http://www.nessus.org/u?8fac9ecd
http://www.nessus.org/u?460d9edd
http://www.nessus.org/u?e88e5476
http://www.nessus.org/u?1e246b99
http://www.nessus.org/u?dcbc583d
http://www.nessus.org/u?edfa62f7
http://www.nessus.org/u?8916059f
http://www.nessus.org/u?c7493663
http://www.nessus.org/u?c356dcf1
http://www.nessus.org/u?9bfb7dbc

Solution :

Upgrade to dnsmasq 2.78 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now