PT-2018-5766 · Dnsmasq+3 · Dnsmasq+3

Simon Kelley

Publicado

2018-01-19

Atualizado

2024-06-15

CVE-2017-15107

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Dnsmasq versions up to and including 2.78

Description: A vulnerability was found in the implementation of DNSSEC in Dnsmasq. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Recommendations: For versions up to and including 2.78, update to a version that includes a fix for this issue to prevent improper interpretation of wildcard synthesized NSEC records.

Correção

Improperly Implemented Security Check for Standard

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-358

Identificadores relacionados

ALT-PU-2018-1599

BDU:2026-01424

CVE-2017-15107

OPENSUSE-SU-2019:2669-1

OPENSUSE-SU-2019_2669-1

OPENSUSE-SU-2024:10721-1

SUSE-SU-2019:14190-1

SUSE-SU-2019:1721-1

SUSE-SU-2019:3188-1

SUSE-SU-2019:3189-1

SUSE-SU-2019_14190-1

SUSE-SU-2019_1721-1

SUSE-SU-2019_3188-1

SUSE-SU-2019_3189-1

USN-4924-1

Produtos afetados

Alt Linux

Dnsmasq

Suse

Ubuntu

PT-2018-5766 · Dnsmasq+3 · Dnsmasq+3

CVE-2017-15107

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51