ID

VAR-201303-0197

CVE

CVE-2013-0198

TITLE

Dnsmasq Service disruption in ( Traffic amplification ) Vulnerabilities

DESCRIPTION

Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411. Dnsmasq is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to cause denial-of-service conditions through a large stream of spoofed DNS queries. Dnsmasq versions 2.62 and prior are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:072 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : dnsmasq Date : April 8, 2013 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: Updated dnsmasq packages fix security vulnerabilities: When dnsmasq before 2.63 is used in conjunctions with certain configurations of libvirtd, network packets from prohibited networks (e.g. packets that should not be passed in) may be sent to the dnsmasq application and processed. This can result in DNS amplification attacks for example (CVE-2012-3411). This update adds a new option --bind-dynamic which is immune to this problem. Updated dnsmasq packages fix security vulnerabilities (CVE-2013-0198): This update completes the fix for CVE-2012-3411 provided with dnsmasq-2.63. This update fix these three cases. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0273 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0030 _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: 89bdd7af8963a0c0e51a52b5b08295b0 mbs1/x86_64/dnsmasq-2.63-1.mbs1.x86_64.rpm 1b45290efb8694734cfa1616b5ef6294 mbs1/x86_64/dnsmasq-base-2.63-1.mbs1.x86_64.rpm 8782b678c40e2c8ccedb39f60e2b6f0d mbs1/SRPMS/dnsmasq-2.63-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFRYvSNmqjQ0CJFipgRAmDuAKDqB4WerX13N+7g/zR6iU5C6b8QjACdEdEW koGb8Voa5rhgjjRVCT1ZvBg= =VQ4h -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Dnsmasq: Denial of Service Date: June 25, 2014 Bugs: #436894, #453170 ID: 201406-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability in Dnsmasq can lead to a Denial of Service condition. Background ========== Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. Workaround ========== There is no known workaround at this time. Resolution ========== All Dnsmasq users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.66" References ========== [ 1 ] CVE-2012-3411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3411 [ 2 ] CVE-2013-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0198 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201406-24.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

input validation error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Josh Stone

SOURCES

LAST UPDATE DATE

2024-11-23T20:14:04.603000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE