| VID |
19019 |
| Severity |
30 |
| Port |
53 |
| Protocol |
TCP,UDP |
| Class |
DNS |
| Detailed Description |
A version of Dnsmasq older than 2.21 was detected running on the host. Dnsmasq is a lightweight, easy-to-configure DNS (Domain Name System) forwarder and DHCP server that runs on Unix-based operating systems. Dnsmasq versions 2.20 and earlier are affected by two vulnerabilities, which can allow a remote attacker to cause a denial of service or carry out DNS cache poisoning attacks. In particular, the denial of service condition may occur due to the off-by-one overflow vulnerability. Although unconfirmed, remote code execution in the context of the server may be possible under some circumstances.
* Note: This check relies solely on the version number of the remote DNS server to assess this vulnerability, so the finding might be a false positive.
* References: http://secunia.com/advisories/14691/ http://www.thekelleys.org.uk/dnsmasq/doc.html
* Platforms Affected: Simon Kelley, Dnsmasq versions 2.20 and earlier; Linux, any version; Unix, any version |
| Recommendation |
Upgrade to the latest version of Dnsmasq (2.21 or later), available from the Dnsmasq Index Web page at http://www.thekelleys.org.uk/dnsmasq/ |
| Related URL |
CVE-2005-0876,CVE-2005-0877 (CVE) |
| Related URL |
12897 (SecurityFocus) |
| Related URL |
19825,19826 (ISS) |
|