Количество 16
Количество 16
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default a maximum of 150 pending queries can be sent to upstream servers so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a quer ...
GHSA-9xp3-mp9c-47rf
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
BDU:2021-03619
Уязвимость DNS-сервера Dnsmasq, связанная с ошибками реализации проверки безопасности для стандартных элементов, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
ELSA-2021-0153
ELSA-2021-0153: dnsmasq security update (MODERATE)
openSUSE-SU-2021:0129-1
Security update for dnsmasq
openSUSE-SU-2021:0124-1
Security update for dnsmasq
SUSE-SU-2021:14604-1
Security update for dnsmasq
SUSE-SU-2021:0166-1
Security update for dnsmasq
SUSE-SU-2021:0163-1
Security update for dnsmasq
SUSE-SU-2021:0162-1
Security update for dnsmasq
ELSA-2021-0150
ELSA-2021-0150: dnsmasq security update (IMPORTANT)
SUSE-SU-2021:14603-1
Security update for dnsmasq
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-25686 A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | CVSS3: 3.7 | 0% Низкий | около 5 лет назад |
 | CVE-2020-25686 A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | CVSS3: 4 | 0% Низкий | около 5 лет назад |
 | CVE-2020-25686 A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | CVSS3: 3.7 | 0% Низкий | около 5 лет назад |
 | CVE-2020-25686 A flaw was found in dnsmasq before version 2.83. When receiving a query dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default a maximum of 150 pending queries can be sent to upstream servers so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | CVSS3: 3.7 | 0% Низкий | около 5 лет назад |
| CVE-2020-25686 A flaw was found in dnsmasq before version 2.83. When receiving a quer ... | CVSS3: 3.7 | 0% Низкий | около 5 лет назад |
| GHSA-9xp3-mp9c-47rf A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | CVSS3: 3.7 | 0% Низкий | больше 3 лет назад |
 | BDU:2021-03619 Уязвимость DNS-сервера Dnsmasq, связанная с ошибками реализации проверки безопасности для стандартных элементов, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 3.7 | 0% Низкий | около 5 лет назад |
| ELSA-2021-0153 ELSA-2021-0153: dnsmasq security update (MODERATE) | около 5 лет назад | ||
 | openSUSE-SU-2021:0129-1 Security update for dnsmasq | около 5 лет назад | ||
| openSUSE-SU-2021:0124-1 Security update for dnsmasq | около 5 лет назад | ||
| SUSE-SU-2021:14604-1 Security update for dnsmasq | около 5 лет назад | ||
| SUSE-SU-2021:0166-1 Security update for dnsmasq | около 5 лет назад | ||
| SUSE-SU-2021:0163-1 Security update for dnsmasq | около 5 лет назад | ||
| SUSE-SU-2021:0162-1 Security update for dnsmasq | около 5 лет назад | ||
| ELSA-2021-0150 ELSA-2021-0150: dnsmasq security update (IMPORTANT) | около 5 лет назад | ||
| SUSE-SU-2021:14603-1 Security update for dnsmasq | около 5 лет назад |
Уязвимостей на страницу