Detections
Analytics

dnsmasq < 2.21 Multiple Remote Vulnerabilities

high Nessus Network Monitor Plugin ID 2771

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running dnsmasq, a DHCP and DNS server. The remote version of this software is vulnerable to multiple remote vulnerabilities that may allow an attacker to execute arbitrary code on the remote host or perform a DNS cache poisoning attack.

Solution

Upgrade to dnsmasq 2.21 or higher.

See Also

http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

http://secunia.com/advisories/14691

Plugin Details

Severity: High

ID: 2771

Family: DNS Servers

Published: 3/25/2005

Updated: 3/6/2019

Nessus ID: 17631

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:dnsmasq:dnsmasq

Reference Information

CVE: CVE-2005-0876, CVE-2005-0877

BID: 12897