BID:12897

Dnsmasq Multiple Remote Vulnerabilities

Info

Dnsmasq Multiple Remote Vulnerabilities

Bugtraq ID:	12897
Class:	Unknown
CVE:	CVE-2005-0876 CVE-2005-0877
Remote:	Yes
Local:	No
Published:	Mar 25 2005 12:00AM
Updated:	Jul 12 2009 11:56AM
Credit:	The vendor disclosed these issues.
Vulnerable:	Dnsmasq Dnsmasq 2.20 + Slackware Linux 10.1 Dnsmasq Dnsmasq 2.19 Dnsmasq Dnsmasq 2.18 Dnsmasq Dnsmasq 2.17 Dnsmasq Dnsmasq 2.16 Dnsmasq Dnsmasq 2.15 + Gentoo Linux Dnsmasq Dnsmasq 2.14 Dnsmasq Dnsmasq 2.13 + S.u.S.E. Linux Personal 9.3 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Dnsmasq Dnsmasq 2.12 Dnsmasq Dnsmasq 2.11 Dnsmasq Dnsmasq 2.10 Dnsmasq Dnsmasq 2.9 Dnsmasq Dnsmasq 2.8 + Slackware Linux 10.0 Dnsmasq Dnsmasq 2.7 Dnsmasq Dnsmasq 2.6 Dnsmasq Dnsmasq 2.5 Dnsmasq Dnsmasq 2.4 Dnsmasq Dnsmasq 2.2 Dnsmasq Dnsmasq 2.1 Dnsmasq Dnsmasq 2.0 Dnsmasq Dnsmasq 2.30

Not Vulnerable:	Dnsmasq Dnsmasq 2.22 + Gentoo Linux Dnsmasq Dnsmasq 2.21 + Gentoo Linux

Discussion

Dnsmasq Multiple Remote Vulnerabilities

Dnsmasq is reported prone to multiple remote vulnerabilities. These issues can allow an attacker to exploit an off-by-one overflow condition and carry out DNS cache poisoning attacks.

An attacker may leverage these issues to manipulate cache data, potentially facilitating man-in-the-middle, site impersonation, or denial of service attacks.

A denial of service condition may occur due to the off-by-one overflow vulnerability. Although unconfirmed, there is a circumstantial possibility of remote code execution in the context of the server.

Reportedly, exploitation of the cache-poisoning issue is not trivial as improvements were made to the application to mitigate cache-poisoning attacks.

The off-by-one overflow issue affects Dnsmasq 2.14, 2.15, 2.16, 2.17, 2.18, 2.19 and 2.20. The cache-poisoning issue affects Dnsmasq 2.20 and prior.

Due to a lack of details, further information is not available at the moment. This BID will be updated when more information becomes available.

Exploit / POC

Dnsmasq Multiple Remote Vulnerabilities

Currently we are not aware of any exploits for these issues. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Dnsmasq Multiple Remote Vulnerabilities

Solution:
The vendor has released Dnsmasq 2.21 to address these issues.

Gentoo Linux has made an advisory available dealing with this issue. Gentoo avises that all users should update their packages by executing the following commands with superuser privileges:

emerge --sync
emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.22"

For more information please see the referenced Gentoo Linux advisory.

SuSE Linux has released an advisory (SUSE-SR:2005:011) along with updates dealing with this issue. Please see the referenced advisory for more information.

Slackware Linux has released security advisory SSA:2005-201-01 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.

Dnsmasq Dnsmasq 2.30