CVE-2012-3411

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Dnsmasq versions prior to 2.63test1

Description The issue allows remote attackers to cause a denial of service, specifically through traffic amplification, by sending a spoofed DNS query. This occurs when Dnsmasq is used with certain configurations in libvirt and responds to requests from prohibited interfaces.

Recommendations For versions prior to 2.63test1, update to version 2.63test1 or later to resolve the issue. As a temporary workaround, consider restricting access to the DNS service to minimize the risk of exploitation.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CESA-2013_0276

CESA-2013_0277

CVE-2012-3411

RHSA-2013:0276

RHSA-2013:0277

RHSA-2013:0579

RHSA-2013_0276

RHSA-2013_0277

Affected Products

Centos

Dnsmasq

Red Hat

Libvirt

CVE-2012-3411

Weakness Enumeration

Related Identifiers

Affected Products

References · 39