DNSmasq Broadcast Reply Denial Of Service Vulnerability
BID:17662
Info
DNSmasq Broadcast Reply Denial Of Service Vulnerability
| Bugtraq ID: | 17662 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 24 2006 12:00AM |
| Updated: | Apr 24 2006 07:41PM |
| Credit: | Sandra Dekkers is credited with the discovery of this vulnerability. |
| Vulnerable: |
Dnsmasq Dnsmasq 2.29 |
| Not Vulnerable: |
Dnsmasq Dnsmasq 2.30 |
Discussion
DNSmasq Broadcast Reply Denial Of Service Vulnerability
Dnsmasq is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the application to crash by sending a 'broadcast reply' request to the server application.
By causing the application to crash, the attacker can deny service to legitimate users.
Dnsmasq is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the application to crash by sending a 'broadcast reply' request to the server application.
By causing the application to crash, the attacker can deny service to legitimate users.
Exploit / POC
DNSmasq Broadcast Reply Denial Of Service Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
DNSmasq Broadcast Reply Denial Of Service Vulnerability
Solution:
The vendor has released version 2.30 to address this issue; please see the reference section for further details.
Dnsmasq Dnsmasq 2.29
Solution:
The vendor has released version 2.30 to address this issue; please see the reference section for further details.
Dnsmasq Dnsmasq 2.29
-
Dnsmasq dnsmasq-2.30.tar.gz
http://thekelleys.org.uk/dnsmasq/dnsmasq-2.30.tar.gz
References
DNSmasq Broadcast Reply Denial Of Service Vulnerability
References:
References:
- Dnsmasq Change Log (Dnsmasq)
- Dnsmasq Home Page (Dnsmasq)