Skip to main content

Dnsmasq CVE-2012-3411

MEDIUM
Improper Input Validation (CWE-20)
2013-03-05 secalert@redhat.com
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Mar 05, 2013 - 21:38 cve.org
MEDIUM 5.0

DescriptionCVE.org

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.

AnalysisAI

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-20. Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. Affected products include: Thekelleys Dnsmasq, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Workstation. Version information: before 2.63.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-14492 CRITICAL POC
9.8 Oct 03

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut

CVE-2017-14491 CRITICAL POC
9.8 Oct 04

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut

CVE-2017-13704 HIGH
7.5 Oct 03

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call get

CVE-2017-14495 HIGH POC
7.5 Oct 03

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote

CVE-2017-14496 HIGH POC
7.5 Oct 03

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-su

CVE-2017-14493 CRITICAL POC
9.8 Oct 03

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execu

CVE-2017-14494 MEDIUM POC
5.9 Oct 03

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vect

CVE-2019-14513 HIGH POC
7.5 Aug 01

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that

CVE-2015-3294 MEDIUM POC
6.4 May 08

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function

CVE-2013-0198 MEDIUM POC
5.0 Mar 05

Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces,

CVE-2026-4892 HIGH
8.4 May 11

Heap-based buffer overflow in dnsmasq's DHCPv6 implementation enables local attackers to execute arbitrary code with roo

CVE-2021-3448 MEDIUM POC
4.0 Apr 08

A flaw was found in dnsmasq in versions before 2.85. Rated medium severity (CVSS 4.0), this vulnerability is remotely ex

Share

CVE-2012-3411 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy