Thekelleys Dnsmasq
11 CVEs affecting Thekelleys Dnsmasq. Latest disclosed: 2017-10-04. Critical: 3, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-14491 | Critical | 9.8 | 2017-10-04 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS resp… |
CVE-2017-14493 | Critical | 9.8 | 2017-10-03 | Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6… |
CVE-2017-14492 | Critical | 9.8 | 2017-10-03 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 rou… |
CVE-2017-14496 | High | 7.5 | 2017-10-03 | Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote… |
CVE-2017-14495 | High | 7.5 | 2017-10-03 | Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service… |
CVE-2017-13704 | High | 7.5 | 2017-10-03 | In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigne… |
CVE-2015-8899 | High | 7.5 | 2016-06-30 | Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defin… |
CVE-2017-14494 | Medium | 5.9 | 2017-10-03 | dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded… |
CVE-2015-3294 | | 2015-05-08 | The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read… | |
CVE-2013-0198 | | 2013-03-05 | Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause… | |
CVE-2012-3411 | | 2013-03-05 | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause… |