CVE-2017-14491 - OpenCVE

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Linux Enterprise Debuginfo Linux Enterprise Server Linux Enterprise Point Of Sale
Siemens	Ruggedcom Rm1224 Firmware Scalance W1750d Firmware Ruggedcom Rm1224 Scalance S615 Firmware Scalance M-800 Scalance S615 Scalance M-800 Firmware Scalance W1750d
Nvidia	Linux For Tegra Jetson Tx1 Jetson Tk1 Geforce Experience
Huawei	Honor V9 Play Honor V9 Play Firmware
Redhat	Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server
Synology	Diskstation Manager Router Manager
Opensuse	Leap
Canonical	Ubuntu Linux
Microsoft	Windows
Debian	Debian Linux
Arubanetworks	Arubaos
Arista	Eos
Thekelleys	Dnsmasq

Configuration 1 [-]

cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.1:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:opensuse:leap:42.2:::::::*
	cpe:2.3:o:opensuse:leap:42.3:::::::*

Configuration 6 [-]

OR	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3::::::
	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4::::::
	cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3:::ltss:::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_server:12::::ltss:::

Configuration 7 [-]

AND

cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*

cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*

cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*

Configuration 11 [-]

OR	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::

Configuration 12 [-]

AND

cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*

Configuration 16 [-]

OR	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::

Configuration 17 [-]

OR	cpe:2.3:a:synology:diskstation_manager:5.2:::::::*
	cpe:2.3:a:synology:diskstation_manager:6.0:::::::*
	cpe:2.3:a:synology:diskstation_manager:6.1:::::::*
	cpe:2.3:a:synology:router_manager:1.1:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	Mailing List Third Party Advisory
http://nvidia.custhelp.com/app/answers/detail/a_id/4560	Third Party Advisory
http://nvidia.custhelp.com/app/answers/detail/a_id/4561	Third Party Advisory
http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html	Exploit Third Party Advisory VDB Entry
http://thekelleys.org.uk/dnsmasq/CHANGELOG	Release Notes Vendor Advisory
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt	Third Party Advisory
http://www.debian.org/security/2017/dsa-3989	Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en	Third Party Advisory
http://www.securityfocus.com/bid/101085	Broken Link
http://www.securityfocus.com/bid/101977	Broken Link
http://www.securitytracker.com/id/1039474	Broken Link
http://www.ubuntu.com/usn/USN-3430-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-3430-2	Third Party Advisory
http://www.ubuntu.com/usn/USN-3430-3	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2836	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2837	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2838	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2839	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2840	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2841	Third Party Advisory
https://access.redhat.com/security/vulnerabilities/3199382	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf	Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/
https://security.gentoo.org/glsa/201710-27	Third Party Advisory
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30	Mitigation Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449	Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/	Third Party Advisory
https://www.debian.org/security/2017/dsa-3989	Third Party Advisory
https://www.exploit-db.com/exploits/42941/	Exploit Third Party Advisory VDB Entry
https://www.kb.cert.org/vuls/id/973527	Third Party Advisory US Government Resource
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq	Third Party Advisory