Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2017-14491

Disclosure Date: October 04, 2017
CVE-2017-14491 CVSS v3 Base Score: 9.8
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • arista,
  • arubanetworks,
  • canonical,
  • debian,
  • huawei,
  • nvidia,
  • opensuse,
  • redhat,
  • siemens,
  • suse,
  • synology,
  • thekelleys

Products

  • arubaos,
  • debian linux 7.0,
  • debian linux 7.1,
  • debian linux 8.0,
  • debian linux 9.0,
  • diskstation manager 5.2,
  • diskstation manager 6.0,
  • diskstation manager 6.1,
  • dnsmasq,
  • enterprise linux desktop 6.0,
  • enterprise linux desktop 7.0,
  • enterprise linux server 6.0,
  • enterprise linux server 7.0,
  • enterprise linux workstation 6.0,
  • enterprise linux workstation 7.0,
  • eos,
  • geforce experience,
  • honor v9 play firmware,
  • leap 42.2,
  • leap 42.3,
  • linux enterprise debuginfo 11,
  • linux enterprise point of sale 11,
  • linux enterprise server 11,
  • linux enterprise server 12,
  • linux for tegra,
  • router manager 1.1,
  • ruggedcom rm1224 firmware,
  • scalance m-800 firmware,
  • scalance s615 firmware,
  • scalance w1750d firmware,
  • ubuntu linux 12.04,
  • ubuntu linux 14.04,
  • ubuntu linux 16.04,
  • ubuntu linux 17.04

References

Canonical
CVE-2017-14491 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491)
BID-101085 (http://www.securityfocus.com/bid/101085)
BID-101977 (http://www.securityfocus.com/bid/101977)
Advisory
SECTRACK-1039474 (http://www.securitytracker.com/id/1039474)
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
DSA-3989 (http://www.debian.org/security/2017/dsa-3989)
https://access.redhat.com/security/vulnerabilities/3199382
USN-3430-1 (http://www.ubuntu.com/usn/USN-3430-1)
http://thekelleys.org.uk/gitweb?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
https://access.redhat.com/errata/RHSA-2017:2838
VU#973527 (https://www.kb.cert.org/vuls/id/973527)
GLSA-201710-27 (https://security.gentoo.org/glsa/201710-27)
https://access.redhat.com/errata/RHSA-2017:2840
USN-3430-2 (http://www.ubuntu.com/usn/USN-3430-2)
https://access.redhat.com/errata/RHSA-2017:2839
[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78. (https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html)
https://access.redhat.com/errata/RHSA-2017:2836
http://nvidia.custhelp.com/app/answers/detail/a_id/4561
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
https://access.redhat.com/errata/RHSA-2017:2837
EXPLOIT-DB-42941 (https://www.exploit-db.com/exploits/42941)
http://thekelleys.org.uk/dnsmasq/CHANGELOG
https://access.redhat.com/errata/RHSA-2017:2841
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION. (https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html)
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
EXPLOIT-DB-42941 (https://www.exploit-db.com/exploits/42941/)
http://nvidia.custhelp.com/app/answers/detail/a_id/4560
FEDORA-2017-515264ae24 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/)
FEDORA-2017-24f067299e (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/)
USN-3430-3 (http://www.ubuntu.com/usn/USN-3430-3)
SUSE-SU-2017:2619 (http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html)
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449
FEDORA-2017-7106a157f5 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/)
SUSE-SU-2017:2616 (http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html)
SUSE-SU-2017:2617 (http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html)
DSA-3989 (https://www.debian.org/security/2017/dsa-3989)
Miscellaneous
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html
https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis