Mandriva Linux Security Advisory : dnsmasq (MDVSA-2013:072)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Updated dnsmasq packages fix security vulnerabilities :

When dnsmasq before 2.63 is used in conjunctions with certain
configurations of libvirtd, network packets from prohibited networks
(e.g. packets that should not be passed in) may be sent to the dnsmasq
application and processed. This can result in DNS amplification
attacks for example (CVE-2012-3411).

This update adds a new option --bind-dynamic which is immune to this
problem.

Updated dnsmasq packages fix security vulnerabilities
(CVE-2013-0198) :

This update completes the fix for CVE-2012-3411 provided with
dnsmasq-2.63. It was found that after the upstream patch for
CVE-2012-3411 issue was applied, dnsmasq still :

- replied to remote TCP-protocol based DNS queries (UDP
protocol ones were corrected, but TCP ones not) from
prohibited networks, when the --bind-dynamic option was
used,

- when --except-interface lo option was used dnsmasq
didn't answer local or remote UDP DNS queries, but still
allowed TCP protocol based DNS queries,

- when --except-interface lo option was not used local /
remote TCP DNS queries were also still answered by
dnsmasq.

This update fix these three cases.

Solution :

Update the affected dnsmasq and / or dnsmasq-base packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:ND)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 66086 ()

Bugtraq ID: 54353
57458

CVE ID: CVE-2012-3411
CVE-2013-0198

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now