CVE-2017-14491

Опубликовано: 04 окт. 2017

Источник: debian

EPSS Средний

Описание

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dnsmasq	fixed	2.78-1		package

Примечания

https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=62cb936cb7ad5f219715515ae7d32dd281a5aa1f

EPSS

Процентиль: 98%

0.60192

Средний

Связанные уязвимости

CVE-2017-14491

CVSS3: 9.8

ubuntu

около 8 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

CVE-2017-14491

CVSS3: 9.8

redhat

около 8 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

CVE-2017-14491

CVSS3: 9.8

nvd

около 8 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

GHSA-m4px-ph3f-7964

CVSS3: 9.8

github

больше 3 лет назад

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

ELSA-2017-2840

oracle-oval

около 8 лет назад

ELSA-2017-2840: dnsmasq security update (CRITICAL)

EPSS

Процентиль: 98%

0.60192

Средний