Details of VAR-201710-1433

ID

VAR-201710-1433

CVE

CVE-2017-14491

TITLE

Dnsmasq contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#973527

DESCRIPTION

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493) * An information leak was found in dnsmasq in the DHCPv6 relay code. (CVE-2017-14494) * A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495) * An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018 dnsmasq regression =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: USN-3430-2 introduced regression in Dnsmasq. Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server Details: USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491) Felix Wilhelm, Fermin J. (CVE-2017-14492) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4 After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2839-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2839 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 ===================================================================== 1. Summary: An update for dnsmasq is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64 3. Description: The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server. Security Fix(es): * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. (CVE-2017-14491) Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 6. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.7): Source: dnsmasq-2.48-16.el6_7.1.src.rpm x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7): x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.2): Source: dnsmasq-2.48-5.el6_2.2.src.rpm x86_64: dnsmasq-2.48-5.el6_2.2.x86_64.rpm dnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.4): Source: dnsmasq-2.48-13.el6_4.1.src.rpm x86_64: dnsmasq-2.48-13.el6_4.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.5): Source: dnsmasq-2.48-13.el6_5.1.src.rpm x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.5): Source: dnsmasq-2.48-13.el6_5.1.src.rpm x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.6): Source: dnsmasq-2.48-14.el6_6.1.src.rpm x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.6): Source: dnsmasq-2.48-14.el6_6.1.src.rpm x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.7): Source: dnsmasq-2.48-16.el6_7.1.src.rpm i386: dnsmasq-2.48-16.el6_7.1.i686.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm ppc64: dnsmasq-2.48-16.el6_7.1.ppc64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm s390x: dnsmasq-2.48-16.el6_7.1.s390x.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: dnsmasq-2.48-13.el6_4.1.src.rpm x86_64: dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.5): Source: dnsmasq-2.48-13.el6_5.1.src.rpm x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.5): Source: dnsmasq-2.48-13.el6_5.1.src.rpm x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.6): x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.6): x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.7): i386: dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm dnsmasq-utils-2.48-16.el6_7.1.i686.rpm ppc64: dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm dnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm s390x: dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm dnsmasq-utils-2.48-16.el6_7.1.s390x.rpm x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG 7t7GGwkabW2pC2Wcr35n/G8= =S/6b -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/dnsmasq < 2.78 >= 2.78 Description =========== Multiple vulnerabilities have been discovered in Dnsmasq. Workaround ========== There is no known workaround at this time. Resolution ========== All Dnsmasq users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78" References ========== [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201710-27 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 3.78

sources: NVD: CVE-2017-14491 // CERT/CC: VU#973527 // JVNDB: JVNDB-2017-008618 // BID: 101977 // BID: 101085 // VULMON: CVE-2017-14491 // PACKETSTORM: 144484 // PACKETSTORM: 145652 // PACKETSTORM: 144474 // PACKETSTORM: 144477 // PACKETSTORM: 144469 // PACKETSTORM: 144481 // PACKETSTORM: 144482 // PACKETSTORM: 144706 // PACKETSTORM: 144472

AFFECTED PRODUCTS

vendor:	opensuse	model:	leap	scope:	eq	version:	42.3	Trust: 1.3
vendor:	opensuse	model:	leap	scope:	eq	version:	42.2	Trust: 1.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	12	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	lt	version:	6.5.3.3	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	lt	version:	6.4.4.16	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	gte	version:	6.5.4.0	Trust: 1.0
vendor:	synology	model:	router manager	scope:	eq	version:	1.1	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	6.1	Trust: 1.0
vendor:	nvidia	model:	geforce experience	scope:	lt	version:	3.10.0.55	Trust: 1.0
vendor:	siemens	model:	scalance s615	scope:	lt	version:	5.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	lt	version:	6.3.1.25	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	lt	version:	6.5.1.9	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	gte	version:	6.5.3.0	Trust: 1.0
vendor:	siemens	model:	scalance w1750d	scope:	lt	version:	6.5.1.5	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	6.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	7.0	Trust: 1.0
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	11	Trust: 1.0
vendor:	suse	model:	linux enterprise point of sale	scope:	eq	version:	11	Trust: 1.0
vendor:	suse	model:	linux enterprise debuginfo	scope:	eq	version:	11	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	12.04	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6.0	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	lt	version:	6.5.4.2	Trust: 1.0
vendor:	siemens	model:	ruggedcom rm1224	scope:	lt	version:	5.0	Trust: 1.0
vendor:	nvidia	model:	geforce experience	scope:	gte	version:	3.0	Trust: 1.0
vendor:	arista	model:	eos	scope:	gte	version:	4.18	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	gte	version:	8.1.0.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	gte	version:	6.3.1	Trust: 1.0
vendor:	arista	model:	eos	scope:	gte	version:	4.16	Trust: 1.0
vendor:	siemens	model:	scalance m-800	scope:	lt	version:	5.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	7.0	Trust: 1.0
vendor:	nvidia	model:	linux for tegra	scope:	lt	version:	r21.6	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	gte	version:	6.4.4.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7.0	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	lt	version:	8.1.0.4	Trust: 1.0
vendor:	arista	model:	eos	scope:	lte	version:	4.15	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	17.04	Trust: 1.0
vendor:	arista	model:	eos	scope:	lt	version:	4.16.13m	Trust: 1.0
vendor:	huawei	model:	honor v9 play	scope:	lt	version:	jimmy-al00ac00b135	Trust: 1.0
vendor:	arista	model:	eos	scope:	lte	version:	4.18.4.2f	Trust: 1.0
vendor:	arista	model:	eos	scope:	gte	version:	4.17	Trust: 1.0
vendor:	nvidia	model:	linux for tegra	scope:	lt	version:	r24.2.2	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.1	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	5.2	Trust: 1.0
vendor:	arubanetworks	model:	arubaos	scope:	gte	version:	6.5.0.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6.0	Trust: 1.0
vendor:	arista	model:	eos	scope:	lt	version:	4.17.8m	Trust: 1.0
vendor:	thekelleys	model:	dnsmasq	scope:	lte	version:	2.77	Trust: 1.0
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.77	Trust: 0.9
vendor:	ruckus	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	technicolor	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dnsmasq	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	canonical	model:	ubuntu	scope:	-	version:	-	Trust: 0.8
vendor:	レッドハット	model:	red hat enterprise linux server	scope:	-	version:	-	Trust: 0.8
vendor:	レッドハット	model:	red hat enterprise linux workstation	scope:	-	version:	-	Trust: 0.8
vendor:	レッドハット	model:	red hat enterprise linux desktop	scope:	-	version:	-	Trust: 0.8
vendor:	opensuse	model:	leap	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	thekelleys	model:	dnsmasq	scope:	-	version:	-	Trust: 0.8
vendor:	redhat	model:	enterprise linux server year extended update support	scope:	eq	version:	-47.4	Trust: 0.6
vendor:	siemens	model:	scalance w1750d	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	scalance s615	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	scalance m800	scope:	eq	version:	0	Trust: 0.3
vendor:	ubuntu	model:	linux	scope:	eq	version:	17.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	16.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	14.04	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.75	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.72	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.71	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.70	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.7	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.65	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.64	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.63	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.62	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.61	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.60	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.6	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.59	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.58	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.57	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.56	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.55	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.54	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.53	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.52	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.51	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.50	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.49	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.48	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.47	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.46	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.45	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.44	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.43	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.42	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.41	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.40	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.4	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.38	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.37	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.36	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.35	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.34	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.33	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.30	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.29	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.28	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.27	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.26	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.25	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.24	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.23	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.22	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.21	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.20	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.2	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.19	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.18	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.17	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.16	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.15	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.14	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.13	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.12	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.11	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	2.10	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.9	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.8	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.6	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.5	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.4	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.3	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.18	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.17	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.16	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.15	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.14	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.13	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.12	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.11	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.10	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	1.0	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.996	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.992	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.98	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.96	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.95	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.7	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.6	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.5	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	eq	version:	0.4	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	14.2	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	14.1	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	14.0	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	13.37	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	13.1	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	13.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation optional	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	6.6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	6.5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional eus	scope:	eq	version:	7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional eus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional eus	scope:	eq	version:	6.5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional aus	scope:	eq	version:	6.6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional aus	scope:	eq	version:	6.5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional aus	scope:	eq	version:	6.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server for arm	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux server eus	scope:	eq	version:	7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux server eus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	6.6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	6.5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	6.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	6.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	-7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	-7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update suppor	scope:	eq	version:	-7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	-7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	-7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server year extended update support	scope:	eq	version:	-47.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux server year extended upd	scope:	eq	version:	-47.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux long life server	scope:	eq	version:	5.9	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux for scientific computing	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian extended update supp	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian extended update suppo	scope:	eq	version:	-7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power little endian extended update suppo	scope:	eq	version:	-7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian extended update support	scope:	eq	version:	-7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux for power big endian extended update support	scope:	eq	version:	-7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems extended update support	scope:	eq	version:	-7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems extended update support	scope:	eq	version:	-7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux for ibm z systems	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus compute node	scope:	eq	version:	7.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus compute node	scope:	eq	version:	7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus compute node	scope:	eq	version:	7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux computenode optional eus	scope:	eq	version:	7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux computenode optional eus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux computenode optional	scope:	eq	version:	7	Trust: 0.3
vendor:	redhat	model:	enterprise linux computenode eus	scope:	eq	version:	7.3	Trust: 0.3
vendor:	redhat	model:	enterprise linux computenode eus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux computenode	scope:	eq	version:	7	Trust: 0.3
vendor:	oracle	model:	linux	scope:	eq	version:	7	Trust: 0.3
vendor:	oracle	model:	linux	scope:	eq	version:	6	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.7.6	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.7	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.6.10	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.6	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.5.7	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.5	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	eq	version:	1.2	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	4.4.4	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	8.0	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	7.0	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	6.0	Trust: 0.3
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	27	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-30	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	centos	model:	centos	scope:	eq	version:	7	Trust: 0.3
vendor:	centos	model:	centos	scope:	eq	version:	6	Trust: 0.3
vendor:	thekelleys	model:	dnsmasq	scope:	ne	version:	2.78	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	ne	version:	1.8	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	ne	version:	1.7.7	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	ne	version:	1.6.11	Trust: 0.3
vendor:	kubernetes	model:	kubernetes	scope:	ne	version:	1.5.8	Trust: 0.3

sources: CERT/CC: VU#973527 // BID: 101977 // BID: 101085 // JVNDB: JVNDB-2017-008618 // CNNVD: CNNVD-201709-747 // NVD: CVE-2017-14491

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-14491
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-14491
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201709-747
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2017-14491
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-14491
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2017-14491
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-14491
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2017-14491 // JVNDB: JVNDB-2017-008618 // CNNVD: CNNVD-201709-747 // NVD: CVE-2017-14491

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	Buffer error (CWE-119) [NVD evaluation ]	Trust: 0.8
problemtype:	Heap-based buffer overflow (CWE-122) [IPA evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2017-008618 // NVD: CVE-2017-14491

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 145652 // PACKETSTORM: 144469 // PACKETSTORM: 144706 // CNNVD: CNNVD-201709-747

TYPE

overflow, arbitrary

Trust: 0.6

sources: PACKETSTORM: 144484 // PACKETSTORM: 144474 // PACKETSTORM: 144477 // PACKETSTORM: 144481 // PACKETSTORM: 144482 // PACKETSTORM: 144472

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2017-14491

PATCH

title:	Multiple Critical and Important vulnerabilities	url:	https://usn.ubuntu.com/usn/USN-3430-1/	Trust: 0.8
title:	Dnsmasq Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92843	Trust: 0.6
title:	Red Hat: Critical: dnsmasq security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20172838 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: dnsmasq security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20172841 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: dnsmasq security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20172840 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: dnsmasq security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20172839 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: dnsmasq security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20172837 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: dnsmasq security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20172836 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=fa8aad66cae5df51d49e1cdce2fe4a42	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2017-14491	Trust: 0.1
title:	Ubuntu Security Notice: dnsmasq vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3430-2	Trust: 0.1
title:	Ubuntu Security Notice: dnsmasq regression	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3430-3	Trust: 0.1
title:	Ubuntu Security Notice: dnsmasq vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3430-1	Trust: 0.1
title:	Debian Security Advisories: DSA-3989-1 dnsmasq -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=5c18698ecfe74c7de381531f8ed44dcf	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=7f490a104360d6f65bee18ec7bfa18a3	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2019-1251	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1251	Trust: 0.1
title:	Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201710-1	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2017-907	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2017-907	Trust: 0.1
title:	Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=b1921e7bf61366a1d7f889a7cdefa932	Trust: 0.1
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=6283337cd31f81f24d445925f2138c0e	Trust: 0.1
title:	Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=7251d5e5f2b1771951980ad7cfde50ba	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/suhaad79/aws-k8s-kops-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/calvinkkd/aws-k8s-kkd-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/simonelle/aws-k8s-kops-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/scholzj/aws-k8s-kops-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/bisiman2/aws-k8s-kops-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/honey336/-aws-k8s-kops-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible -1 aws-k8s-kops-ansible aws-k8s-kops-ansible aws-k8s-kops-ansible aws-k8s-kops-ansible	url:	https://github.com/Andreadote/aws-k8s-kops-ansible	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/RavitejaAdepudi/KopsCluster	Trust: 0.1
title:	Kubernetes setup on Amazon AWS using Kops and Ansible	url:	https://github.com/lorerunner/devops_kubenerates_aws	Trust: 0.1
title:	Kaosagnt's Ansible Everyday Utils	url:	https://github.com/kaosagnt/ansible-everyday	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/xbl3/awesome-cve-poc_qazbnm456	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/lnick2023/nicenice	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/qazbnm456/awesome-cve-poc	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/	Trust: 0.1

sources: VULMON: CVE-2017-14491 // JVNDB: JVNDB-2017-008618 // CNNVD: CNNVD-201709-747

EXTERNAL IDS

db:	NVD	id:	CVE-2017-14491	Trust: 4.8
db:	CERT/CC	id:	VU#973527	Trust: 3.6
db:	BID	id:	101085	Trust: 2.0
db:	BID	id:	101977	Trust: 2.0
db:	ICS CERT	id:	ICSA-17-332-01	Trust: 2.0
db:	SECTRACK	id:	1039474	Trust: 1.7
db:	SIEMENS	id:	SSA-689071	Trust: 1.7
db:	PACKETSTORM	id:	144480	Trust: 1.7
db:	EXPLOIT-DB	id:	42941	Trust: 1.7
db:	ICS CERT	id:	ICSA-24-074-07	Trust: 0.8
db:	JVN	id:	JVNVU93453933	Trust: 0.8
db:	JVN	id:	JVNVU93656033	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-008618	Trust: 0.8
db:	CNNVD	id:	CNNVD-201709-747	Trust: 0.6
db:	VULMON	id:	CVE-2017-14491	Trust: 0.1
db:	PACKETSTORM	id:	144484	Trust: 0.1
db:	PACKETSTORM	id:	145652	Trust: 0.1
db:	PACKETSTORM	id:	144474	Trust: 0.1
db:	PACKETSTORM	id:	144477	Trust: 0.1
db:	PACKETSTORM	id:	144469	Trust: 0.1
db:	PACKETSTORM	id:	144481	Trust: 0.1
db:	PACKETSTORM	id:	144482	Trust: 0.1
db:	PACKETSTORM	id:	144706	Trust: 0.1
db:	PACKETSTORM	id:	144472	Trust: 0.1

sources: CERT/CC: VU#973527 // VULMON: CVE-2017-14491 // BID: 101977 // BID: 101085 // JVNDB: JVNDB-2017-008618 // PACKETSTORM: 144484 // PACKETSTORM: 145652 // PACKETSTORM: 144474 // PACKETSTORM: 144477 // PACKETSTORM: 144469 // PACKETSTORM: 144481 // PACKETSTORM: 144482 // PACKETSTORM: 144706 // PACKETSTORM: 144472 // CNNVD: CNNVD-201709-747 // NVD: CVE-2017-14491

REFERENCES

url:	https://www.kb.cert.org/vuls/id/973527	Trust: 3.5
url:	http://www.debian.org/security/2017/dsa-3989	Trust: 3.1
url:	http://www.securityfocus.com/bid/101085	Trust: 2.9
url:	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	Trust: 2.8
url:	https://access.redhat.com/security/vulnerabilities/3199382	Trust: 2.3
url:	https://access.redhat.com/errata/rhsa-2017:2837	Trust: 2.1
url:	https://access.redhat.com/errata/rhsa-2017:2836	Trust: 2.1
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-332-01	Trust: 2.0
url:	https://access.redhat.com/errata/rhsa-2017:2838	Trust: 1.9
url:	http://www.ubuntu.com/usn/usn-3430-1	Trust: 1.9
url:	https://www.exploit-db.com/exploits/42941/	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2017:2841	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2017:2840	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2017:2839	Trust: 1.8
url:	https://security.gentoo.org/glsa/201710-27	Trust: 1.8
url:	http://www.ubuntu.com/usn/usn-3430-3	Trust: 1.8
url:	http://www.thekelleys.org.uk/dnsmasq/doc.html	Trust: 1.7
url:	http://www.securitytracker.com/id/1039474	Trust: 1.7
url:	http://thekelleys.org.uk/dnsmasq/changelog	Trust: 1.7
url:	http://www.ubuntu.com/usn/usn-3430-2	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html	Trust: 1.7
url:	http://nvidia.custhelp.com/app/answers/detail/a_id/4561	Trust: 1.7
url:	http://www.securityfocus.com/bid/101977	Trust: 1.7
url:	https://www.synology.com/support/security/synology_sa_17_59_dnsmasq	Trust: 1.7
url:	http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf	Trust: 1.7
url:	http://nvidia.custhelp.com/app/answers/detail/a_id/4560	Trust: 1.7
url:	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html	Trust: 1.7
url:	https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449	Trust: 1.7
url:	http://packetstormsecurity.com/files/144480/dnsmasq-2-byte-heap-based-overflow.html	Trust: 1.7
url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html	Trust: 1.7
url:	https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14491	Trust: 1.7
url:	https://access.redhat.com/security/cve/cve-2017-14491	Trust: 1.5
url:	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc	Trust: 1.1
url:	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html	Trust: 1.1
url:	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/	Trust: 1.1
url:	https://access.redhat.com/security/cve/cve-2017-14492	Trust: 1.1
url:	https://access.redhat.com/security/cve/cve-2017-14493	Trust: 1.1
url:	https://access.redhat.com/security/cve/cve-2017-14494	Trust: 1.1
url:	https://access.redhat.com/security/cve/cve-2017-14495	Trust: 1.0
url:	https://access.redhat.com/security/cve/cve-2017-14496	Trust: 1.0
url:	http://www.thekelleys.org.uk/dnsmasq/changelog	Trust: 0.9
url:	https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py	Trust: 0.9
url:	https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py	Trust: 0.9
url:	https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py	Trust: 0.9
url:	https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py	Trust: 0.9
url:	https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py	Trust: 0.9
url:	https://github.com/kubernetes/kubernetes/blob/master/changelog.md	Trust: 0.9
url:	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.601472	Trust: 0.9
url:	https://source.android.com/security/bulletin/2017-10-01	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495410	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495411	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495412	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495415	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495416	Trust: 0.9
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495510	Trust: 0.9
url:	https://access.redhat.com/security/cve/cve-2017-13704	Trust: 0.9
url:	https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py	Trust: 0.9
url:	https://www.ruckuswireless.com/security	Trust: 0.8
url:	https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu93453933/index.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93656033/index.html	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07	Trust: 0.8
url:	https://access.redhat.com/security/updates/classification/#critical	Trust: 0.6
url:	https://access.redhat.com/articles/11258	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://access.redhat.com/security/team/key/	Trust: 0.6
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/	Trust: 0.6
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409	Trust: 0.6
url:	https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html	Trust: 0.6
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/	Trust: 0.6
url:	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc	Trust: 0.6
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/	Trust: 0.6
url:	https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14493	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14494	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14492	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14496	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14495	Trust: 0.4
url:	http://subscriber.communications.siemens.com/	Trust: 0.3
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://github.com/suhaad79/aws-k8s-kops-ansible	Trust: 0.1
url:	https://github.com/scholzj/aws-k8s-kops-ansible	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://launchpad.net/bugs/1741262	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2	Trust: 0.1
url:	https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493	Trust: 0.1
url:	https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492	Trust: 0.1
url:	https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494	Trust: 0.1

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 144484 // PACKETSTORM: 144474 // PACKETSTORM: 144477 // PACKETSTORM: 144481 // PACKETSTORM: 144482 // PACKETSTORM: 144472

SOURCES

db:	CERT/CC	id:	VU#973527
db:	VULMON	id:	CVE-2017-14491
db:	BID	id:	101977
db:	BID	id:	101085
db:	JVNDB	id:	JVNDB-2017-008618
db:	PACKETSTORM	id:	144484
db:	PACKETSTORM	id:	145652
db:	PACKETSTORM	id:	144474
db:	PACKETSTORM	id:	144477
db:	PACKETSTORM	id:	144469
db:	PACKETSTORM	id:	144481
db:	PACKETSTORM	id:	144482
db:	PACKETSTORM	id:	144706
db:	PACKETSTORM	id:	144472
db:	CNNVD	id:	CNNVD-201709-747
db:	NVD	id:	CVE-2017-14491

LAST UPDATE DATE

2024-09-17T20:29:17.287000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#973527	date:	2018-02-02T00:00:00
db:	VULMON	id:	CVE-2017-14491	date:	2023-11-07T00:00:00
db:	BID	id:	101977	date:	2019-05-15T17:00:00
db:	BID	id:	101085	date:	2017-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2017-008618	date:	2024-03-22T07:54:00
db:	CNNVD	id:	CNNVD-201709-747	date:	2022-04-24T00:00:00
db:	NVD	id:	CVE-2017-14491	date:	2023-11-07T02:39:01.190

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#973527	date:	2017-10-02T00:00:00
db:	VULMON	id:	CVE-2017-14491	date:	2017-10-04T00:00:00
db:	BID	id:	101977	date:	2017-11-28T00:00:00
db:	BID	id:	101085	date:	2017-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2017-008618	date:	2017-10-24T00:00:00
db:	PACKETSTORM	id:	144484	date:	2017-10-03T05:19:24
db:	PACKETSTORM	id:	145652	date:	2018-01-04T17:50:40
db:	PACKETSTORM	id:	144474	date:	2017-10-02T08:55:00
db:	PACKETSTORM	id:	144477	date:	2017-10-02T11:11:00
db:	PACKETSTORM	id:	144469	date:	2017-10-02T13:13:00
db:	PACKETSTORM	id:	144481	date:	2017-10-03T05:18:12
db:	PACKETSTORM	id:	144482	date:	2017-10-03T05:18:27
db:	PACKETSTORM	id:	144706	date:	2017-10-23T13:54:05
db:	PACKETSTORM	id:	144472	date:	2017-10-02T08:33:00
db:	CNNVD	id:	CNNVD-201709-747	date:	2017-09-18T00:00:00
db:	NVD	id:	CVE-2017-14491	date:	2017-10-04T01:29:02.870