VYPR

rpm package

suse/dnsmasq&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

pkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Vulnerabilities (7)

  • CVE-2017-14491CriOct 4, 2017
    affected < 2.78-18.3.1fixed 2.78-18.3.1

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

  • CVE-2017-14496HigOct 3, 2017
    affected < 2.78-18.3.1fixed 2.78-18.3.1

    Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

  • CVE-2017-14495HigOct 3, 2017
    affected < 2.78-18.3.1fixed 2.78-18.3.1

    Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

  • CVE-2017-14494MedOct 3, 2017
    affected < 2.78-18.3.1fixed 2.78-18.3.1

    dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

  • CVE-2017-14493CriOct 3, 2017
    affected < 2.78-18.3.1fixed 2.78-18.3.1

    Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

  • CVE-2017-14492CriOct 3, 2017
    affected < 2.78-18.3.1fixed 2.78-18.3.1

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

  • CVE-2015-8899HigJun 30, 2016
    affected < 2.71-13.1fixed 2.71-13.1

    Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.