cvelistv5 - cve-2017-13704

CVE-2017-13704 (GCVE-0-2017-13704)

Vulnerability from cvelistv5 – Published: 2017-10-02 21:00 – Updated: 2024-08-05 19:05

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securitytracker.com/id/1039474	vdb-entryx_refsource_SECTRACK
	https://www.synology.com/support/security/Synolog…	x_refsource_CONFIRM
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101085	vdb-entryx_refsource_BID
	http://www.securityfocus.com/bid/101977	vdb-entryx_refsource_BID
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://www.mail-archive.com/dnsmasq-discuss%40li…	mailing-listx_refsource_MLIST
	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3B…	x_refsource_CONFIRM
	http://thekelleys.org.uk/dnsmasq/CHANGELOG	x_refsource_CONFIRM
	https://security.googleblog.com/2017/10/behind-ma…	x_refsource_MISC
	https://www.mail-archive.com/dnsmasq-discuss%40li…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:05:20.078Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039474",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "name": "101085",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "name": "101977",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101977"
          },
          {
            "name": "FEDORA-2017-274d763ed8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
          },
          {
            "name": "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "name": "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1039474",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039474"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/3199382"
        },
        {
          "name": "101085",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101085"
        },
        {
          "name": "101977",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101977"
        },
        {
          "name": "FEDORA-2017-274d763ed8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
        },
        {
          "name": "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
        },
        {
          "name": "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13704",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039474",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039474"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/3199382",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/3199382"
            },
            {
              "name": "101085",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101085"
            },
            {
              "name": "101977",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101977"
            },
            {
              "name": "FEDORA-2017-274d763ed8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
            },
            {
              "name": "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
              "refsource": "MLIST",
              "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
            },
            {
              "name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928",
              "refsource": "CONFIRM",
              "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
            },
            {
              "name": "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
              "refsource": "CONFIRM",
              "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
            },
            {
              "name": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
              "refsource": "MISC",
              "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
            },
            {
              "name": "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
              "refsource": "MLIST",
              "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13704",
    "datePublished": "2017-10-02T21:00:00",
    "dateReserved": "2017-08-25T00:00:00",
    "dateUpdated": "2024-08-05T19:05:20.078Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B21E9A8-CE63-42C2-A11A-94D977A96DF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A64AAD2D-38ED-4BA2-A27A-A2716F28D43A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76221AE4-1A3C-48EC-AFC2-1819BE4D3DC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.77\", \"matchCriteriaId\": \"B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.\"}, {\"lang\": \"es\", \"value\": \"En las versiones anteriores a la 2.78 de dnsmasq, si el tama\\u00f1o del paquete DNS no coincide con el tama\\u00f1o esperado, el par\\u00e1metro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiendo hasta 0xffffffff ceros (0xffffffffffffffff en plataformas de 64 bits), haciendo que dnsmasq se cierre de manera inesperada.\"}]",
      "id": "CVE-2017-13704",
      "lastModified": "2024-11-21T03:11:28.383",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-10-03T01:29:01.637",
      "references": "[{\"url\": \"http://thekelleys.org.uk/dnsmasq/CHANGELOG\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/101085\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/101977\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id/1039474\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/security/vulnerabilities/3199382\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://thekelleys.org.uk/dnsmasq/CHANGELOG\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/101085\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/101977\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1039474\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/security/vulnerabilities/3199382\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-13704\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-03T01:29:01.637\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.\"},{\"lang\":\"es\",\"value\":\"En las versiones anteriores a la 2.78 de dnsmasq, si el tama\u00f1o del paquete DNS no coincide con el tama\u00f1o esperado, el par\u00e1metro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiendo hasta 0xffffffff ceros (0xffffffffffffffff en plataformas de 64 bits), haciendo que dnsmasq se cierre de manera inesperada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B21E9A8-CE63-42C2-A11A-94D977A96DF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A64AAD2D-38ED-4BA2-A27A-A2716F28D43A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76221AE4-1A3C-48EC-AFC2-1819BE4D3DC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.77\",\"matchCriteriaId\":\"B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98\"}]}]}],\"references\":[{\"url\":\"http://thekelleys.org.uk/dnsmasq/CHANGELOG\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/101085\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/101977\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1039474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/3199382\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://thekelleys.org.uk/dnsmasq/CHANGELOG\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/101085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/101977\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1039474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/3199382\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ICSA-17-332-01

Vulnerability from csaf_cisa - Published: 2017-11-17 00:00 - Updated: 2018-05-09 00:00

Summary

Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)

Notes

General Recommendations

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.

Additional Resources

Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Advisory Conversion Disclaimer

This CISA CSAF advisory was converted from a Siemens ProductCERT's advisory.

Critical infrastructure sectors

Multiple

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.

Recommended Practices

Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This CISA CSAF advisory was converted from a Siemens ProductCERT\u0027s advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Multiple",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-689071: DNSMasq Vulnerabilities in SCALANCE W1750D, SCALANCE M-800 / S615 and RUGGEDCOM RM1224 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-689071.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-332-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-332-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-332-01 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-332-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)",
    "tracking": {
      "current_release_date": "2018-05-09T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-332-01",
      "initial_release_date": "2017-11-17T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-11-17T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2018-04-05T00:00:00.000000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Changed to the new format and added update information for SCALANCE W1750D"
        },
        {
          "date": "2018-05-09T00:00:00.000000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added update information for SCALANCE M-800 / S615"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV5.0",
                "product": {
                  "name": "Siemens RUGGEDCOM RM1224: All versions \u003c V5.0",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM RM1224"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV5.0",
                "product": {
                  "name": "Siemens SCALANCE M-800 / S615: All versions \u003c V5.0",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE M-800 / S615"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV6.5.1.5",
                "product": {
                  "name": "Siemens SCALANCE W1750D: All versions \u003c V6.5.1.5",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE W1750D"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-13704",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox \u0027Enable DNS Proxy\u0027), and configure the connected devices in the internal network to use a different DNS server",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "SCALANCE W1750D: If \u0027OpenDNS\u0027, \u0027Captive Portal\u0027 or \u0027URL redirection\u0027 functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP",
          "product_ids": [
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V5.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109757544",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V6.5.1.5 or later version https://support.industry.siemens.com/cs/ww/en/view/109778052",
          "product_ids": [
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2017-13704"
    },
    {
      "cve": "CVE-2017-14491",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox \u0027Enable DNS Proxy\u0027), and configure the connected devices in the internal network to use a different DNS server",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "SCALANCE W1750D: If \u0027OpenDNS\u0027, \u0027Captive Portal\u0027 or \u0027URL redirection\u0027 functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP",
          "product_ids": [
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V5.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109757544",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V6.5.1.5 or later version https://support.industry.siemens.com/cs/ww/en/view/109778052",
          "product_ids": [
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2017-14491"
    },
    {
      "cve": "CVE-2017-14495",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox \u0027Enable DNS Proxy\u0027), and configure the connected devices in the internal network to use a different DNS server",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "SCALANCE W1750D: If \u0027OpenDNS\u0027, \u0027Captive Portal\u0027 or \u0027URL redirection\u0027 functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP",
          "product_ids": [
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V5.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109757544",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V6.5.1.5 or later version https://support.industry.siemens.com/cs/ww/en/view/109778052",
          "product_ids": [
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2017-14495"
    },
    {
      "cve": "CVE-2017-14496",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker could cause a crash of the DNSmasq process by sending specially crafted request messages to the service on port 53/udp.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "SCALANCE M-800 / S615 and RUGGEDCOM RM1224: Disable DNS proxy in the device configuration (System - DNS - DNS Proxy - Disable Checkbox \u0027Enable DNS Proxy\u0027), and configure the connected devices in the internal network to use a different DNS server",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "SCALANCE W1750D: If \u0027OpenDNS\u0027, \u0027Captive Portal\u0027 or \u0027URL redirection\u0027 functionality is not used, deploy firewall rules in the device configuration to block incoming access to port 53/UDP",
          "product_ids": [
            "CSAFPID-0003"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V5.0 or later version https://support.industry.siemens.com/cs/ww/en/view/109757544",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V6.5.1.5 or later version https://support.industry.siemens.com/cs/ww/en/view/109778052",
          "product_ids": [
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2017-14496"
    }
  ]
}

CERTFR-2017-AVI-329

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Dnsmasq . Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Dnsmasq versions antérieures à 2.78

References

Title

Publication Time

Tags

Bulletin de sécurité Dnsmasq du 2 octobre 2017	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2017:2839 du 2 octobre 2017	-	other
Bulletin de sécurité Debian dsa-3989 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172618-1 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172619-1 du 2 octobre 2017	-	other
Bulletin de sécurité RedHat RHSA-2017:2837 du 2 octobre 2017	-	other
Bulletin de sécurité RedHat RHSA-2017:2838 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172616-1 du 2 octobre 2017	-	other
Bulletin de sécurité RedHat RHSA-2017:2836 du 2 octobre 2017	-	other
Bulletin de sécurité Ubuntu usn-3430-1 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172617-1 du 2 octobre 2017	-	other
Billet de blogue Google	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Dnsmasq versions ant\u00e9rieures \u00e0 2.78",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-14491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
    },
    {
      "name": "CVE-2017-14494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14494"
    },
    {
      "name": "CVE-2017-14496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14496"
    },
    {
      "name": "CVE-2017-14493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14493"
    },
    {
      "name": "CVE-2017-13704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13704"
    },
    {
      "name": "CVE-2017-14492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14492"
    },
    {
      "name": "CVE-2017-14495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14495"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2839 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2839"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-3989 du 2 octobre 2017",
      "url": "https://www.debian.org/security/2017/dsa-3989"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172618-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172618-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172619-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172619-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2837 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2837"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2838 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2838"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172616-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172616-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2836 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2836"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3430-1 du 2 octobre 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3430-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172617-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172617-1/"
    },
    {
      "title": "Billet de blogue Google",
      "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
    }
  ],
  "reference": "CERTFR-2017-AVI-329",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-10-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Dnsmasq . Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Dnsmasq",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Dnsmasq du 2 octobre 2017",
      "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"
    }
  ]
}

CERTFR-2017-AVI-329

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Dnsmasq versions antérieures à 2.78

References

Title

Publication Time

Tags

Bulletin de sécurité Dnsmasq du 2 octobre 2017	None	vendor-advisory
Bulletin de sécurité RedHat RHSA-2017:2839 du 2 octobre 2017	-	other
Bulletin de sécurité Debian dsa-3989 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172618-1 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172619-1 du 2 octobre 2017	-	other
Bulletin de sécurité RedHat RHSA-2017:2837 du 2 octobre 2017	-	other
Bulletin de sécurité RedHat RHSA-2017:2838 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172616-1 du 2 octobre 2017	-	other
Bulletin de sécurité RedHat RHSA-2017:2836 du 2 octobre 2017	-	other
Bulletin de sécurité Ubuntu usn-3430-1 du 2 octobre 2017	-	other
Bulletin de sécurité SUSE suse-su-20172617-1 du 2 octobre 2017	-	other
Billet de blogue Google	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Dnsmasq versions ant\u00e9rieures \u00e0 2.78",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-14491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
    },
    {
      "name": "CVE-2017-14494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14494"
    },
    {
      "name": "CVE-2017-14496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14496"
    },
    {
      "name": "CVE-2017-14493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14493"
    },
    {
      "name": "CVE-2017-13704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13704"
    },
    {
      "name": "CVE-2017-14492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14492"
    },
    {
      "name": "CVE-2017-14495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14495"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2839 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2839"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-3989 du 2 octobre 2017",
      "url": "https://www.debian.org/security/2017/dsa-3989"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172618-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172618-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172619-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172619-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2837 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2837"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2838 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2838"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172616-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172616-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2017:2836 du 2 octobre 2017",
      "url": "https://access.redhat.com/errata/RHSA-2017:2836"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3430-1 du 2 octobre 2017",
      "url": "https://usn.ubuntu.com/usn/usn-3430-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172617-1 du 2 octobre 2017",
      "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172617-1/"
    },
    {
      "title": "Billet de blogue Google",
      "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
    }
  ],
  "reference": "CERTFR-2017-AVI-329",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2017-10-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Dnsmasq . Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Dnsmasq",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Dnsmasq du 2 octobre 2017",
      "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"
    }
  ]
}

CERTFR-2020-AVI-632

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Desigo Insight versions antérieures à 6.0
Siemens	N/A	SIPORT MP versions antérieures à 3.2.1
Siemens	N/A	RUGGEDCOM RM1224 versions antérieures à 5.0
Siemens	N/A	SCALANCE W1750D versions antérieures à 6.5.1.5
Siemens	N/A	SIMATIC WinAC RTX (F) 2010 toutes versions
Siemens	N/A	SIMATIC S7-300 dont les variantes ET200CPUs et SIPLUS toutes versions
Siemens	N/A	SCALANCE M-800 / S615 versions antérieures à 5.0
Siemens	N/A	SINUMERIK 840D sl toutes versions
Siemens	N/A	SIMATIC S7-400 dont les variantes SIPLUS toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-384879 du 13 octobre 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-381684 du 13 octobre 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-689071 du 13 octobre 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-226339 du 13 octobre 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Desigo Insight versions ant\u00e9rieures \u00e0 6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPORT MP versions ant\u00e9rieures \u00e0 3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 6.5.1.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinAC RTX (F) 2010 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-300 dont les variantes ET200CPUs et SIPLUS toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M-800 / S615 versions ant\u00e9rieures \u00e0 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK 840D sl toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 dont les variantes SIPLUS toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7591"
    },
    {
      "name": "CVE-2017-14491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
    },
    {
      "name": "CVE-2020-15793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15793"
    },
    {
      "name": "CVE-2020-15791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15791"
    },
    {
      "name": "CVE-2017-14496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14496"
    },
    {
      "name": "CVE-2017-13704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13704"
    },
    {
      "name": "CVE-2020-15794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15794"
    },
    {
      "name": "CVE-2017-14495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14495"
    },
    {
      "name": "CVE-2020-15792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15792"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-632",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-10-13T00:00:00.000000"
    },
    {
      "description": "cat\u00e9gorie SCADA ajout\u00e9e",
      "revision_date": "2020-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-384879 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384879.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-381684 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-689071 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-226339 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf"
    }
  ]
}

CERTFR-2020-AVI-632

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Desigo Insight versions antérieures à 6.0
Siemens	N/A	SIPORT MP versions antérieures à 3.2.1
Siemens	N/A	RUGGEDCOM RM1224 versions antérieures à 5.0
Siemens	N/A	SCALANCE W1750D versions antérieures à 6.5.1.5
Siemens	N/A	SIMATIC WinAC RTX (F) 2010 toutes versions
Siemens	N/A	SIMATIC S7-300 dont les variantes ET200CPUs et SIPLUS toutes versions
Siemens	N/A	SCALANCE M-800 / S615 versions antérieures à 5.0
Siemens	N/A	SINUMERIK 840D sl toutes versions
Siemens	N/A	SIMATIC S7-400 dont les variantes SIPLUS toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-384879 du 13 octobre 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-381684 du 13 octobre 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-689071 du 13 octobre 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-226339 du 13 octobre 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Desigo Insight versions ant\u00e9rieures \u00e0 6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPORT MP versions ant\u00e9rieures \u00e0 3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 6.5.1.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinAC RTX (F) 2010 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-300 dont les variantes ET200CPUs et SIPLUS toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M-800 / S615 versions ant\u00e9rieures \u00e0 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK 840D sl toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 dont les variantes SIPLUS toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7591"
    },
    {
      "name": "CVE-2017-14491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
    },
    {
      "name": "CVE-2020-15793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15793"
    },
    {
      "name": "CVE-2020-15791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15791"
    },
    {
      "name": "CVE-2017-14496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14496"
    },
    {
      "name": "CVE-2017-13704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13704"
    },
    {
      "name": "CVE-2020-15794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15794"
    },
    {
      "name": "CVE-2017-14495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14495"
    },
    {
      "name": "CVE-2020-15792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15792"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-632",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-10-13T00:00:00.000000"
    },
    {
      "description": "cat\u00e9gorie SCADA ajout\u00e9e",
      "revision_date": "2020-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-384879 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384879.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-381684 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-689071 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-226339 du 13 octobre 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-226339.pdf"
    }
  ]
}

GHSA-MPRQ-HPVV-8WCC

Vulnerability from github – Published: 2022-05-14 03:24 – Updated: 2025-04-20 03:46

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-13704"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-03T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.",
  "id": "GHSA-mprq-hpvv-8wcc",
  "modified": "2025-04-20T03:46:12Z",
  "published": "2022-05-14T03:24:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13704"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/vulnerabilities/3199382"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK"
    },
    {
      "type": "WEB",
      "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
    },
    {
      "type": "WEB",
      "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
    },
    {
      "type": "WEB",
      "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
    },
    {
      "type": "WEB",
      "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101085"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101977"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039474"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2017-13704

Vulnerability from fkie_nvd - Published: 2017-10-03 01:29 - Updated: 2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://thekelleys.org.uk/dnsmasq/CHANGELOG	Release Notes, Vendor Advisory
cve@mitre.org	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928
cve@mitre.org	http://www.securityfocus.com/bid/101085	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/101977
cve@mitre.org	http://www.securitytracker.com/id/1039474	Third Party Advisory, VDB Entry
cve@mitre.org	https://access.redhat.com/security/vulnerabilities/3199382	Issue Tracking, Third Party Advisory
cve@mitre.org	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/
cve@mitre.org	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	Third Party Advisory
cve@mitre.org	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
cve@mitre.org	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
cve@mitre.org	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
af854a3a-2127-422b-91ae-364da2661108	http://thekelleys.org.uk/dnsmasq/CHANGELOG	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101085	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101977
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039474	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/security/vulnerabilities/3199382	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/
af854a3a-2127-422b-91ae-364da2661108	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
af854a3a-2127-422b-91ae-364da2661108	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
af854a3a-2127-422b-91ae-364da2661108	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

Impacted products

Vendor	Product	Version
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	17.04
debian	debian_linux	7.0
debian	debian_linux	7.1
debian	debian_linux	9.0
fedoraproject	fedora	27
novell	leap	42.2
novell	leap	42.3
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_workstation	7.0
thekelleys	dnsmasq	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B21E9A8-CE63-42C2-A11A-94D977A96DF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBEACBFF-6D05-4B69-BF7A-F7E539D9BF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A64AAD2D-38ED-4BA2-A27A-A2716F28D43A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "76221AE4-1A3C-48EC-AFC2-1819BE4D3DC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85D7A28-8CBA-4D77-AD30-DB3CA49F2F98",
              "versionEndIncluding": "2.77",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash."
    },
    {
      "lang": "es",
      "value": "En las versiones anteriores a la 2.78 de dnsmasq, si el tama\u00f1o del paquete DNS no coincide con el tama\u00f1o esperado, el par\u00e1metro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiendo hasta 0xffffffff ceros (0xffffffffffffffff en plataformas de 64 bits), haciendo que dnsmasq se cierre de manera inesperada."
    }
  ],
  "id": "CVE-2017-13704",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-03T01:29:01.637",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101085"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/101977"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039474"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/security/vulnerabilities/3199382"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/101977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/security/vulnerabilities/3199382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-29272

Vulnerability from cnvd - Published: 2017-10-09

Title

DNSmasq拒绝服务漏洞（CNVD-2017-29272）

Description

DNSmasq是一个小巧且方便地用于配置DNS和DHCP的工具，适用于小型网络，它提供了DNS功能和可选择的DHCP功能。 DNSmasq 2.77及之前版本中存在拒绝服务漏洞，远程攻击者可以通过发送特制DNS查询而导致目标服务崩溃。

Severity

高

Patch Name

DNSmasq拒绝服务漏洞（CNVD-2017-29272）的补丁

Patch Description

DNSmasq是一个小巧且方便地用于配置DNS和DHCP的工具，适用于小型网络，它提供了DNS功能和可选择的DHCP功能。 DNSmasq 2.77及之前版本中存在拒绝服务漏洞，远程攻击者可以通过发送特制DNS查询而导致目标服务崩溃。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Reference

http://securitytracker.com/id/1039474 http://www.securityfocus.com/bid/101085

Impacted products

Name
Dnsmasq Dnsmasq <=2.77

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "101085"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-13704"
    }
  },
  "description": "DNSmasq\u662f\u4e00\u4e2a\u5c0f\u5de7\u4e14\u65b9\u4fbf\u5730\u7528\u4e8e\u914d\u7f6eDNS\u548cDHCP\u7684\u5de5\u5177\uff0c\u9002\u7528\u4e8e\u5c0f\u578b\u7f51\u7edc\uff0c\u5b83\u63d0\u4f9b\u4e86DNS\u529f\u80fd\u548c\u53ef\u9009\u62e9\u7684DHCP\u529f\u80fd\u3002\r\n\r\nDNSmasq 2.77\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u53d1\u9001\u7279\u5236DNS\u67e5\u8be2\u800c\u5bfc\u81f4\u76ee\u6807\u670d\u52a1\u5d29\u6e83\u3002",
  "discovererName": "Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.thekelleys.org.uk/dnsmasq/CHANGELOG",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-29272",
  "openTime": "2017-10-09",
  "patchDescription": "DNSmasq\u662f\u4e00\u4e2a\u5c0f\u5de7\u4e14\u65b9\u4fbf\u5730\u7528\u4e8e\u914d\u7f6eDNS\u548cDHCP\u7684\u5de5\u5177\uff0c\u9002\u7528\u4e8e\u5c0f\u578b\u7f51\u7edc\uff0c\u5b83\u63d0\u4f9b\u4e86DNS\u529f\u80fd\u548c\u53ef\u9009\u62e9\u7684DHCP\u529f\u80fd\u3002\r\n\r\nDNSmasq 2.77\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u53d1\u9001\u7279\u5236DNS\u67e5\u8be2\u800c\u5bfc\u81f4\u76ee\u6807\u670d\u52a1\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "DNSmasq\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-29272\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Dnsmasq Dnsmasq \u003c=2.77"
  },
  "referenceLink": "http://securitytracker.com/id/1039474\r\nhttp://www.securityfocus.com/bid/101085",
  "serverity": "\u9ad8",
  "submitTime": "2017-10-09",
  "title": "DNSmasq\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-29272\uff09"
}

GSD-2017-13704

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-13704

Aliases

CVE-2017-13704

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-13704",
    "description": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.",
    "id": "GSD-2017-13704",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-13704.html",
      "https://advisories.mageia.org/CVE-2017-13704.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-13704"
      ],
      "details": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.",
      "id": "GSD-2017-13704",
      "modified": "2023-12-13T01:21:01.376515Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2017-13704",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1039474",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039474"
          },
          {
            "name": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
            "refsource": "CONFIRM",
            "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
          },
          {
            "name": "https://access.redhat.com/security/vulnerabilities/3199382",
            "refsource": "CONFIRM",
            "url": "https://access.redhat.com/security/vulnerabilities/3199382"
          },
          {
            "name": "101085",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/101085"
          },
          {
            "name": "101977",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/101977"
          },
          {
            "name": "FEDORA-2017-274d763ed8",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
          },
          {
            "name": "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
            "refsource": "MLIST",
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
          },
          {
            "name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928",
            "refsource": "CONFIRM",
            "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
          },
          {
            "name": "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
            "refsource": "CONFIRM",
            "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
          },
          {
            "name": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
            "refsource": "MISC",
            "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
          },
          {
            "name": "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
            "refsource": "MLIST",
            "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.77",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13704"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
            },
            {
              "name": "[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
            },
            {
              "name": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
            },
            {
              "name": "FEDORA-2017-274d763ed8",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"
            },
            {
              "name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
            },
            {
              "name": "http://thekelleys.org.uk/dnsmasq/CHANGELOG",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG"
            },
            {
              "name": "1039474",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039474"
            },
            {
              "name": "101085",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/101085"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/3199382",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/security/vulnerabilities/3199382"
            },
            {
              "name": "101977",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/101977"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2018-05-11T01:29Z",
      "publishedDate": "2017-10-03T01:29Z"
    }
  }
}

VAR-201710-1267

Vulnerability from variot - Updated: 2023-12-18 12:03

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device or cause a denial-of-service condition. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1267",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "fedoraproject",
        "version": "27"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "16.04"
      },
      {
        "model": "dnsmasq",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "thekelleys",
        "version": "2.77"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "7.0"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "17.04"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "7.1"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "leap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "novell",
        "version": "42.3"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "leap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "novell",
        "version": "42.2"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "14.04"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "thekelleys",
        "version": "2.77"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ruckus",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "technicolor",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dnsmasq",
        "version": null
      },
      {
        "model": "ubuntu",
        "scope": null,
        "trust": 0.8,
        "vendor": "canonical",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "dnsmasq",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "thekelleys",
        "version": "2.78"
      },
      {
        "model": "enterprise linux desktop",
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "model": "enterprise linux server",
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "model": "enterprise linux workstation",
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "model": "enterprise linux server year extended update support",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "redhat",
        "version": "-47.4"
      },
      {
        "model": "scalance w1750d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance m800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "17.04"
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "16.04"
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "14.04"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.2.2"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.75"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.72"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.71"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.70"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.7"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.65"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.64"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.63"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.62"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.61"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.60"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.6"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.59"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.58"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.57"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.56"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.55"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.54"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.53"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.52"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.51"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.50"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.49"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.48"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.47"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.46"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.45"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.44"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.43"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.42"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.41"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.40"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.4"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.38"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.37"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.36"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.35"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.34"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.33"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.30"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.29"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.28"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.27"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.26"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.25"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.24"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.23"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.22"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.21"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.20"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.2"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.19"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.18"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.17"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.16"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.15"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.14"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.13"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.12"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.11"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.10"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.9"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.8"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.6"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.5"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.4"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.3"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.18"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.17"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.16"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.15"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.14"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.13"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.12"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.11"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.10"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "1.0"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.996"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.992"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.98"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.96"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.95"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.7"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.6"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.5"
      },
      {
        "model": "dnsmasq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "0.4"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "14.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "14.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "14.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.37"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.0"
      },
      {
        "model": "enterprise linux workstation optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux workstation optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.6"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.5"
      },
      {
        "model": "enterprise linux server optional eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "enterprise linux server optional eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "model": "enterprise linux server optional eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.5"
      },
      {
        "model": "enterprise linux server optional aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.6"
      },
      {
        "model": "enterprise linux server optional aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.5"
      },
      {
        "model": "enterprise linux server optional aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.4"
      },
      {
        "model": "enterprise linux server optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux server optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux server for arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux server eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "enterprise linux server eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.6"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.5"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.4"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.2"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "model": "enterprise linux server extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "model": "enterprise linux server extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "model": "enterprise linux server extended update suppor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "model": "enterprise linux server year extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-47.2"
      },
      {
        "model": "enterprise linux server year extended upd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-47.3"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "enterprise linux long life server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5.9"
      },
      {
        "model": "enterprise linux hpc node optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux hpc node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux for scientific computing",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux for power little endian extended update supp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "model": "enterprise linux for power little endian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "model": "enterprise linux for power big endian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux for power little endian extended update suppo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "model": "enterprise linux for power little endian extended update suppo",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "model": "enterprise linux for ibm z systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.4"
      },
      {
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "model": "enterprise linux desktop optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux computenode optional eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "enterprise linux computenode optional eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "model": "enterprise linux computenode optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "enterprise linux computenode eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "enterprise linux computenode eus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "model": "enterprise linux computenode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "7"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6"
      },
      {
        "model": "leap",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "opensuse",
        "version": "42.3"
      },
      {
        "model": "leap",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "opensuse",
        "version": "42.2"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.7.6"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.7"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.6.10"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.6"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.5.7"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.5"
      },
      {
        "model": "kubernetes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.2"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "7.1.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "6.0.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "5.1.1"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "5.0.2"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "4.4.4"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "8.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "7.1.2"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "7.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "6.0"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-30",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "centos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "centos",
        "version": "7"
      },
      {
        "model": "centos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "centos",
        "version": "6"
      },
      {
        "model": "dnsmasq",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "thekelleys",
        "version": "2.78"
      },
      {
        "model": "kubernetes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.8"
      },
      {
        "model": "kubernetes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.7.7"
      },
      {
        "model": "kubernetes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.6.11"
      },
      {
        "model": "kubernetes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "kubernetes",
        "version": "1.5.8"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "BID",
        "id": "101085"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.77",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2017-13704",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-13704",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-13704",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-13704",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201708-1115",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-13704",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero\u0027s (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities:\n1. A buffer-overflow vulnerability\n2. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the  context of affected device or cause a denial-of-service condition. \nThis BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "BID",
        "id": "101085"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-13704"
      }
    ],
    "trust": 2.97
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-13704",
        "trust": 3.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#973527",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "101085",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-332-01",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "101977",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1039474",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-689071",
        "trust": 1.1
      },
      {
        "db": "JVN",
        "id": "JVNVU93453933",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-13704",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "BID",
        "id": "101085"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "id": "VAR-201710-1267",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.24812031
  },
  "last_update_date": "2023-12-18T12:03:09.568000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "FEDORA-2017-274d763ed8",
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/"
      },
      {
        "title": "CHANGELOG",
        "trust": 0.8,
        "url": "http://thekelleys.org.uk/dnsmasq/changelog"
      },
      {
        "title": "Fix CVE-2017-13704, which resulted in a crash on a large DNS query.",
        "trust": 0.8,
        "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
      },
      {
        "title": "USN-3430-2",
        "trust": 0.8,
        "url": "https://usn.ubuntu.com/usn/usn-3430-2/"
      },
      {
        "title": "USN-3430-1",
        "trust": 0.8,
        "url": "https://usn.ubuntu.com/usn/usn-3430-1/"
      },
      {
        "title": "dnsmasq: Multiple Critical and Important vulnerabilities",
        "trust": 0.8,
        "url": "https://access.redhat.com/security/vulnerabilities/3199382"
      },
      {
        "title": "Dnsmasq Enter the fix for the verification vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92838"
      },
      {
        "title": "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fa8aad66cae5df51d49e1cdce2fe4a42"
      },
      {
        "title": "Red Hat: CVE-2017-13704",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13704"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
      },
      {
        "title": "Brocade Security Advisories: BSA-2017-455",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=f173c512f0a725c451f45840ccf64e99"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      },
      {
        "problemtype": "CWE-191",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/101085"
      },
      {
        "trust": 2.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
      },
      {
        "trust": 1.7,
        "url": "https://www.kb.cert.org/vuls/id/973527"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/101977"
      },
      {
        "trust": 1.1,
        "url": "http://thekelleys.org.uk/dnsmasq/changelog"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1039474"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/security/vulnerabilities/3199382"
      },
      {
        "trust": 1.1,
        "url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://access.redhat.com/security/cve/cve-2017-13704"
      },
      {
        "trust": 1.0,
        "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/"
      },
      {
        "trust": 1.0,
        "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
      },
      {
        "trust": 1.0,
        "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
      },
      {
        "trust": 0.9,
        "url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
      },
      {
        "trust": 0.9,
        "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
      },
      {
        "trust": 0.9,
        "url": "https://source.android.com/security/bulletin/2017-10-01"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/security/cve/cve-2017-14491"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/security/cve/cve-2017-14492"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/security/cve/cve-2017-14493"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/security/cve/cve-2017-14494"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/security/cve/cve-2017-14495"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/security/cve/cve-2017-14496"
      },
      {
        "trust": 0.9,
        "url": "https://www.debian.org/security/2017/dsa-3989"
      },
      {
        "trust": 0.9,
        "url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/errata/rhsa-2017:2836"
      },
      {
        "trust": 0.9,
        "url": "https://access.redhat.com/errata/rhsa-2017:2837"
      },
      {
        "trust": 0.8,
        "url": "https://www.ruckuswireless.com/security"
      },
      {
        "trust": 0.8,
        "url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13704"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu93453933/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13704"
      },
      {
        "trust": 0.6,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409 bug 1495409"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4tk6dwc53wsu6633evzl7h4pcwbyhmhk/"
      },
      {
        "trust": 0.1,
        "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=63437ffbb58837b214b4b92cb1c54bc5f3279928"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "BID",
        "id": "101085"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "BID",
        "id": "101085"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "date": "2017-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "date": "2017-11-28T00:00:00",
        "db": "BID",
        "id": "101977"
      },
      {
        "date": "2017-10-02T00:00:00",
        "db": "BID",
        "id": "101085"
      },
      {
        "date": "2017-10-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "date": "2017-10-03T01:29:01.637000",
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "date": "2017-08-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#973527"
      },
      {
        "date": "2018-05-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-13704"
      },
      {
        "date": "2019-05-15T17:00:00",
        "db": "BID",
        "id": "101977"
      },
      {
        "date": "2017-10-02T00:00:00",
        "db": "BID",
        "id": "101085"
      },
      {
        "date": "2017-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-008617"
      },
      {
        "date": "2023-11-07T02:38:41.510000",
        "db": "NVD",
        "id": "CVE-2017-13704"
      },
      {
        "date": "2020-10-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "BID",
        "id": "101085"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Dnsmasq contains multiple vulnerabilities",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#973527"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input Validation Error",
    "sources": [
      {
        "db": "BID",
        "id": "101977"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1115"
      }
    ],
    "trust": 0.9
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-13704 (GCVE-0-2017-13704)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature