CVE-2015-8899

Опубликовано: 30 июн. 2016

Источник: debian

EPSS Низкий

Описание

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dnsmasq	fixed	2.76-1		package
dnsmasq	not-affected		jessie	package
dnsmasq	not-affected		wheezy	package

Примечания

http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html
Fixed by: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87 (v2.76rc1)
Introduced by: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=cbc652423403e3cef00e00240f6beef713142246 (v2.73rc1)
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1581181

EPSS

Процентиль: 24%

0.0008

Низкий

Связанные уязвимости

CVE-2015-8899

CVSS3: 7.5

ubuntu

больше 9 лет назад

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

CVE-2015-8899

redhat

около 10 лет назад

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

CVE-2015-8899

CVSS3: 7.5

nvd

больше 9 лет назад

Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.

openSUSE-SU-2017:0016-1

suse-cvrf

около 9 лет назад

Security update for dnsmasq

SUSE-SU-2016:3269-1

suse-cvrf

около 9 лет назад

Security update for dnsmasq

EPSS

Процентиль: 24%

0.0008

Низкий