Количество 15
Количество 15
GHSA-4g83-8xc3-pp6v
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-25683
CVE-2020-25683
A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...
BDU:2021-03622
Уязвимость функции extract_name() (rfc1035.c) DNS-сервера Dnsmasq, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
openSUSE-SU-2021:0129-1
Security update for dnsmasq
openSUSE-SU-2021:0124-1
Security update for dnsmasq
SUSE-SU-2021:14604-1
Security update for dnsmasq
SUSE-SU-2021:0166-1
Security update for dnsmasq
SUSE-SU-2021:0163-1
Security update for dnsmasq
SUSE-SU-2021:0162-1
Security update for dnsmasq
ELSA-2021-0150
ELSA-2021-0150: dnsmasq security update (IMPORTANT)
SUSE-SU-2021:14603-1
Security update for dnsmasq
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-4g83-8xc3-pp6v A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | 30% Средний | больше 3 лет назад | |
 | CVE-2020-25683 A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | CVSS3: 5.9 | 30% Средний | больше 4 лет назад |
 | CVE-2020-25683 A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | CVSS3: 5.9 | 30% Средний | больше 4 лет назад |
 | CVE-2020-25683 A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | CVSS3: 5.9 | 30% Средний | больше 4 лет назад |
 | CVSS3: 5.9 | 30% Средний | больше 4 лет назад | |
| CVE-2020-25683 A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ... | CVSS3: 5.9 | 30% Средний | больше 4 лет назад |
 | BDU:2021-03622 Уязвимость функции extract_name() (rfc1035.c) DNS-сервера Dnsmasq, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 30% Средний | больше 4 лет назад |
 | openSUSE-SU-2021:0129-1 Security update for dnsmasq | больше 4 лет назад | ||
| openSUSE-SU-2021:0124-1 Security update for dnsmasq | больше 4 лет назад | ||
| SUSE-SU-2021:14604-1 Security update for dnsmasq | больше 4 лет назад | ||
| SUSE-SU-2021:0166-1 Security update for dnsmasq | больше 4 лет назад | ||
| SUSE-SU-2021:0163-1 Security update for dnsmasq | больше 4 лет назад | ||
| SUSE-SU-2021:0162-1 Security update for dnsmasq | больше 4 лет назад | ||
| ELSA-2021-0150 ELSA-2021-0150: dnsmasq security update (IMPORTANT) | больше 4 лет назад | ||
| SUSE-SU-2021:14603-1 Security update for dnsmasq | больше 4 лет назад |
Уязвимостей на страницу