var-202101-0220
Vulnerability from variot
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a vulnerable system and perform cache poisoning attacks against a vulnerable environment.CVE-2020-25681 Not Affected CVE-2020-25682 Not Affected CVE-2020-25683 Not Affected CVE-2020-25684 Affected CVE-2020-25685 Affected CVE-2020-25686 Affected CVE-2020-25687 Not AffectedCVE-2020-25681 Not Affected CVE-2020-25682 Not Affected CVE-2020-25683 Not Affected CVE-2020-25684 Affected CVE-2020-25685 Affected CVE-2020-25686 Affected CVE-2020-25687 Not Affected. dnsmasq There is a security check vulnerability in.Information may be tampered with. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language. 8) - aarch64, ppc64le, s390x, x86_64
-
7) - aarch64, ppc64le, s390x
-
7.7) - ppc64, ppc64le, s390x, x86_64
-
========================================================================== Ubuntu Security Notice USN-4698-1 January 19, 2021
dnsmasq vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Dnsmasq.
Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. (CVE-2020-25684)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. (CVE-2020-25685)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. (CVE-2020-25686)
It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: dnsmasq 2.82-1ubuntu1.1 dnsmasq-base 2.82-1ubuntu1.1 dnsmasq-utils 2.82-1ubuntu1.1
Ubuntu 20.04 LTS: dnsmasq 2.80-1.1ubuntu1.2 dnsmasq-base 2.80-1.1ubuntu1.2 dnsmasq-utils 2.80-1.1ubuntu1.2
Ubuntu 18.04 LTS: dnsmasq 2.79-1ubuntu0.2 dnsmasq-base 2.79-1ubuntu0.2 dnsmasq-utils 2.79-1ubuntu0.2
Ubuntu 16.04 LTS: dnsmasq 2.75-1ubuntu0.16.04.7 dnsmasq-base 2.75-1ubuntu0.16.04.7 dnsmasq-utils 2.75-1ubuntu0.16.04.7
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: dnsmasq security update Advisory ID: RHSA-2021:0156-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0156 Issue date: 2021-01-19 CVE Names: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 ==================================================================== 1. Summary:
An update for dnsmasq is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - x86_64
Security Fix(es):
-
dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)
-
dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)
-
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: dnsmasq-2.76-2.el7_4.3.src.rpm
x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source: dnsmasq-2.76-2.el7_4.3.src.rpm
ppc64le: dnsmasq-2.76-2.el7_4.3.ppc64le.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm
x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source: dnsmasq-2.76-2.el7_4.3.src.rpm
x86_64: dnsmasq-2.76-2.el7_4.3.x86_64.rpm dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le: dnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm dnsmasq-utils-2.76-2.el7_4.3.ppc64le.rpm
x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64: dnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm dnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-001
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYAbg5dzjgjWX9erEAQjfmA//U9huQUHWE5px5MpvL3/7ZlTnU3Q23tSz lOkHHhl4hwFmETAaVUv/Zoc1N7OfxHzC6C4ot2+rPFj+oMcZQeXUrfhKZkG5kWMn Qy/yIN9myOJ9jjM+2NmF+nQPAiIVi2fU/LkDIEYGXihDZB67/bvu2ErbX2dEOGaH ikX4JNYAVw8vnCZgRy2bbXq47Nff8oeys9sTcDWIq61Svg2mHYYtIoF4Xmz5N5u5 Gb+75FFSxlBoNQFbDyydm19UpGTGZ1dP5Giquvuv8hN0lXGDZN39TANk8FruwnB+ ibyRgzf1R3IwDKbMdkICVOtxfR6cMUXOk5fB6bygyL8Ki6o03N1/HPnQTOQ3XPDO Ya0eswXvMpG8DdhIPi6xlVhorxDj4QKaVKC82rnbb27KJP+UPC8KXfp8lEZSD0zX 56f2O2t42rjzrulnijDdeHtW6oI1MytA/hVLLM0Sdt6PYS19jflucnwP2UuZn0aR RRWjdK6Tx0OYxpPQBYVKygzm+0ke7Ee5BoGn+sYU5SZSH6ro0AlfIRVQn6XmTGUj Gotg6jc4a6HXjhrA72lkxvW9pzFVXpfiQ/VFhBblP39dcCXXyRfTSzgbutDAz7eu 5R8SwUBVIJ0e/Pp32WAMapLfKc+Pj9VG/INfwYYxtpWooy2cHk+3HZIy8gXylhCA lyNYjR6LrCc=sh0K -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
For the stable distribution (buster), these problems have been fixed in version 2.80-1+deb10u1.
We recommend that you upgrade your dnsmasq packages.
For the detailed security status of dnsmasq please refer to its security tracker page at: https://security-tracker.debian.org/tracker/dnsmasq
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmAZVA4ACgkQEL6Jg/PV nWQYKAgAgVwonRAgXSliaFh0n44OPOz9wf4KibG7otcnAx4V4XqFAeXsHd/hIX/K IC313F3I+8WzvjKBhvt2KnGG9SnoTnq4roBIa1nz//vNX0hyfDm5xPlxQOExzC+c YS8kGt++SvC2wgOsrZEjyk0ecKqDJmZSwW31zXG9/2kTzCbKjuDp+i4TTADqabPC AgbmEGVKBR2Fk7K9Prct27oWoj7LHMaH+Ttb8uQGnG7OgJs9KyRI+2qIu+VaRCGf yfRj+XayPYHV1Amf5dLIKcLMMp/FnkNFoO2YIAZkWVPjXD2uPKUykJJ1GRl8R+0q qtNhPTNNuD6WnYzC8yP0KIQ2tsbg9Q== =j5Ka -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-0220",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.22"
},
{
"model": "dnsmasq",
"scope": "lt",
"trust": 1.0,
"vendor": "thekelleys",
"version": "2.83"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.23"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.21.14m"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.23.7m"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.25"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.25.2f"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.21"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.24.5m"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.22.9m"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.24"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "dnsmasq",
"scope": null,
"trust": 0.8,
"vendor": "thekelleys",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "dnsmasq",
"scope": "eq",
"trust": 0.6,
"vendor": "dnsmasq",
"version": "2.83"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.83",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.21.14m",
"versionStartIncluding": "4.21",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.22.9m",
"versionStartIncluding": "4.22",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.23.7m",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.24.5m",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.25.2f",
"versionStartIncluding": "4.25",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Vijay Sarvepalli.Statement Date:\u00a0\u00a0 January 04, 2021",
"sources": [
{
"db": "CERT/CC",
"id": "VU#434904"
}
],
"trust": 0.8
},
"cve": "CVE-2020-25684",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-25684",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-16431",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.7,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-25684",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-25684",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2021-16431",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-1611",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2020-25684",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
},
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query\u0027s attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a vulnerable system and perform cache poisoning attacks against a vulnerable environment.CVE-2020-25681 Not Affected\nCVE-2020-25682 Not Affected\nCVE-2020-25683 Not Affected\nCVE-2020-25684 Affected\nCVE-2020-25685 Affected\nCVE-2020-25686 Affected\nCVE-2020-25687 Not AffectedCVE-2020-25681 Not Affected\nCVE-2020-25682 Not Affected\nCVE-2020-25683 Not Affected\nCVE-2020-25684 Affected\nCVE-2020-25685 Affected\nCVE-2020-25686 Affected\nCVE-2020-25687 Not Affected. dnsmasq There is a security check vulnerability in.Information may be tampered with. Dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C language. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. 7) - aarch64, ppc64le, s390x\n\n3. 7.7) - ppc64, ppc64le, s390x, x86_64\n\n3. ==========================================================================\nUbuntu Security Notice USN-4698-1\nJanuary 19, 2021\n\ndnsmasq vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled\nmemory when sorting RRsets. A remote attacker could use this issue to cause\nDnsmasq to hang, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2020-25681, CVE-2020-25687)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled\nextracting certain names. A remote attacker could use this issue to cause\nDnsmasq to hang, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2020-25682, CVE-2020-25683)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly\nimplemented address/port checks. (CVE-2020-25684)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly\nimplemented query resource name checks. (CVE-2020-25685)\n\nMoshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled\nmultiple query requests for the same resource name. (CVE-2020-25686)\n\nIt was discovered that Dnsmasq incorrectly handled memory during DHCP\nresponse creation. A remote attacker could possibly use this issue to\ncause Dnsmasq to consume resources, leading to a denial of service. This\nissue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04\nLTS. (CVE-2019-14834)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n dnsmasq 2.82-1ubuntu1.1\n dnsmasq-base 2.82-1ubuntu1.1\n dnsmasq-utils 2.82-1ubuntu1.1\n\nUbuntu 20.04 LTS:\n dnsmasq 2.80-1.1ubuntu1.2\n dnsmasq-base 2.80-1.1ubuntu1.2\n dnsmasq-utils 2.80-1.1ubuntu1.2\n\nUbuntu 18.04 LTS:\n dnsmasq 2.79-1ubuntu0.2\n dnsmasq-base 2.79-1ubuntu0.2\n dnsmasq-utils 2.79-1ubuntu0.2\n\nUbuntu 16.04 LTS:\n dnsmasq 2.75-1ubuntu0.16.04.7\n dnsmasq-base 2.75-1ubuntu0.16.04.7\n dnsmasq-utils 2.75-1ubuntu0.16.04.7\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: dnsmasq security update\nAdvisory ID: RHSA-2021:0156-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:0156\nIssue date: 2021-01-19\nCVE Names: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686\n====================================================================\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - x86_64\n\n3. \n\nSecurity Fix(es):\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies\neasier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies\neasier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging\nreplies easier for an off-path attacker (CVE-2020-25686)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker\n1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker\n1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\ndnsmasq-2.76-2.el7_4.3.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\ndnsmasq-2.76-2.el7_4.3.src.rpm\n\nppc64le:\ndnsmasq-2.76-2.el7_4.3.ppc64le.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\ndnsmasq-2.76-2.el7_4.3.src.rpm\n\nx86_64:\ndnsmasq-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\ndnsmasq-debuginfo-2.76-2.el7_4.3.ppc64le.rpm\ndnsmasq-utils-2.76-2.el7_4.3.ppc64le.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\ndnsmasq-debuginfo-2.76-2.el7_4.3.x86_64.rpm\ndnsmasq-utils-2.76-2.el7_4.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-25684\nhttps://access.redhat.com/security/cve/CVE-2020-25685\nhttps://access.redhat.com/security/cve/CVE-2020-25686\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-001\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYAbg5dzjgjWX9erEAQjfmA//U9huQUHWE5px5MpvL3/7ZlTnU3Q23tSz\nlOkHHhl4hwFmETAaVUv/Zoc1N7OfxHzC6C4ot2+rPFj+oMcZQeXUrfhKZkG5kWMn\nQy/yIN9myOJ9jjM+2NmF+nQPAiIVi2fU/LkDIEYGXihDZB67/bvu2ErbX2dEOGaH\nikX4JNYAVw8vnCZgRy2bbXq47Nff8oeys9sTcDWIq61Svg2mHYYtIoF4Xmz5N5u5\nGb+75FFSxlBoNQFbDyydm19UpGTGZ1dP5Giquvuv8hN0lXGDZN39TANk8FruwnB+\nibyRgzf1R3IwDKbMdkICVOtxfR6cMUXOk5fB6bygyL8Ki6o03N1/HPnQTOQ3XPDO\nYa0eswXvMpG8DdhIPi6xlVhorxDj4QKaVKC82rnbb27KJP+UPC8KXfp8lEZSD0zX\n56f2O2t42rjzrulnijDdeHtW6oI1MytA/hVLLM0Sdt6PYS19jflucnwP2UuZn0aR\nRRWjdK6Tx0OYxpPQBYVKygzm+0ke7Ee5BoGn+sYU5SZSH6ro0AlfIRVQn6XmTGUj\nGotg6jc4a6HXjhrA72lkxvW9pzFVXpfiQ/VFhBblP39dcCXXyRfTSzgbutDAz7eu\n5R8SwUBVIJ0e/Pp32WAMapLfKc+Pj9VG/INfwYYxtpWooy2cHk+3HZIy8gXylhCA\nlyNYjR6LrCc=sh0K\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.80-1+deb10u1. \n\nWe recommend that you upgrade your dnsmasq packages. \n\nFor the detailed security status of dnsmasq please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/dnsmasq\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmAZVA4ACgkQEL6Jg/PV\nnWQYKAgAgVwonRAgXSliaFh0n44OPOz9wf4KibG7otcnAx4V4XqFAeXsHd/hIX/K\nIC313F3I+8WzvjKBhvt2KnGG9SnoTnq4roBIa1nz//vNX0hyfDm5xPlxQOExzC+c\nYS8kGt++SvC2wgOsrZEjyk0ecKqDJmZSwW31zXG9/2kTzCbKjuDp+i4TTADqabPC\nAgbmEGVKBR2Fk7K9Prct27oWoj7LHMaH+Ttb8uQGnG7OgJs9KyRI+2qIu+VaRCGf\nyfRj+XayPYHV1Amf5dLIKcLMMp/FnkNFoO2YIAZkWVPjXD2uPKUykJJ1GRl8R+0q\nqtNhPTNNuD6WnYzC8yP0KIQ2tsbg9Q==\n=j5Ka\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25684"
},
{
"db": "CERT/CC",
"id": "VU#434904"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"db": "PACKETSTORM",
"id": "161012"
},
{
"db": "PACKETSTORM",
"id": "161020"
},
{
"db": "PACKETSTORM",
"id": "161019"
},
{
"db": "PACKETSTORM",
"id": "161010"
},
{
"db": "PACKETSTORM",
"id": "161015"
},
{
"db": "PACKETSTORM",
"id": "161101"
},
{
"db": "PACKETSTORM",
"id": "169002"
}
],
"trust": 3.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-25684",
"trust": 4.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0231",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#434904",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90340376",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-16431",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161281",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161535",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161085",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0987",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0420",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0692",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0864",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0283",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1088",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0699",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021122911",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021070106",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-019-01",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-25684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161020",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161019",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161010",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161015",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161101",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169002",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#434904"
},
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "PACKETSTORM",
"id": "161012"
},
{
"db": "PACKETSTORM",
"id": "161020"
},
{
"db": "PACKETSTORM",
"id": "161019"
},
{
"db": "PACKETSTORM",
"id": "161010"
},
{
"db": "PACKETSTORM",
"id": "161015"
},
{
"db": "PACKETSTORM",
"id": "161101"
},
{
"db": "PACKETSTORM",
"id": "169002"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
},
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"id": "VAR-202101-0220",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16431"
}
],
"trust": 0.84812031
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16431"
}
]
},
"last_update_date": "2024-07-23T20:21:44.763000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html"
},
{
"title": "Patch for Dnsmasq security feature issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/251931"
},
{
"title": "Dnsmasq Fixing measures for security feature vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=139960"
},
{
"title": "Red Hat: Moderate: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210156 - security advisory"
},
{
"title": "Red Hat: Moderate: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210240 - security advisory"
},
{
"title": "Red Hat: Moderate: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210245 - security advisory"
},
{
"title": "Red Hat: Moderate: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210153 - security advisory"
},
{
"title": "Red Hat: Moderate: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210154 - security advisory"
},
{
"title": "Red Hat: Moderate: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210155 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210401 - security advisory"
},
{
"title": "Red Hat: Important: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210395 - security advisory"
},
{
"title": "Red Hat: Important: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210151 - security advisory"
},
{
"title": "Red Hat: Important: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210150 - security advisory"
},
{
"title": "Red Hat: Important: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210152 - security advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-25684 log"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1587",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2021-1587"
},
{
"title": "Debian Security Advisories: DSA-4844-1 dnsmasq -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6bdd82a7af8c0333eca753b3b7b02111"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.4.33 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210281 - security advisory"
},
{
"title": "Cisco: Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-dnsmasq-dns-2021-c5mrdf3g"
},
{
"title": "dnspooq",
"trust": 0.1,
"url": "https://github.com/knqyf263/dnspooq "
},
{
"title": "multironic\nRequirements:\nInstall libvirt and prepare nodes\nhave to check why we need this\nTODO download ironic images later\nPull images\nTag images\nPush images\nrun httpd\nCheck that two vbmcs are running for the two nodes\nPlay with vbmc and ipmitools\nRun management cluster\nFirewall\nLaunch ironic\nrun capm3\nFirewall\nRef",
"trust": 0.1,
"url": "https://github.com/mboukhalfa/multironic "
},
{
"title": "Criminal IP NSE Script",
"trust": 0.1,
"url": "https://github.com/criminalip/cip-nse-script "
},
{
"title": "Intro: What\u0027s pique or repique\n\n\nOverview",
"trust": 0.1,
"url": "https://github.com/az-x/pique "
},
{
"title": "https://github.com/klcheung99/CSCM28CW2",
"trust": 0.1,
"url": "https://github.com/klcheung99/cscm28cw2 "
},
{
"title": "Kaosagnt\u0027s Ansible Everyday Utils",
"trust": 0.1,
"url": "https://github.com/kaosagnt/ansible-everyday "
},
{
"title": "F5\u306e\u8106\u5f31\u6027\u60c5\u5831",
"trust": 0.1,
"url": "https://github.com/dntyo/f5_vulnerability "
},
{
"title": "Vulnerability",
"trust": 0.1,
"url": "https://github.com/tzwlhack/vulnerability "
},
{
"title": "TOP\nTable of Contents\nDonation",
"trust": 0.1,
"url": "https://github.com/jerry123s/all-poc "
},
{
"title": "SecBooks\nSecBooks\u76ee\u5f55",
"trust": 0.1,
"url": "https://github.com/sexybeast233/secbooks "
},
{
"title": "Table of Contents",
"trust": 0.1,
"url": "https://github.com/cvedb/top "
},
{
"title": "Table of Contents",
"trust": 0.1,
"url": "https://github.com/cvedb/awesome-cve-repo "
},
{
"title": "TOP\nTable of Contents\nDonation",
"trust": 0.1,
"url": "https://github.com/hktalent/top "
},
{
"title": "TOP\nTable of Contents\nDonation",
"trust": 0.1,
"url": "https://github.com/cyberanand1337x/bug-bounty-2022 "
},
{
"title": "TOP\nTable of Contents\nDonation",
"trust": 0.1,
"url": "https://github.com/weeka10/-hktalent-top "
},
{
"title": "PoC in GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2021/01/20/dns_cache_poisoning/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "Improperly implemented security checks (CWE-358) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25684"
},
{
"trust": 1.7,
"url": "https://www.jsof-tech.com/disclosures/dnspooq/"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/202101-17"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4844"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0231/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/"
},
{
"trust": 0.8,
"url": "cve-2020-25681 "
},
{
"trust": 0.8,
"url": "cve-2020-25682 "
},
{
"trust": 0.8,
"url": "cve-2020-25683 "
},
{
"trust": 0.8,
"url": "cve-2020-25684 "
},
{
"trust": 0.8,
"url": "cve-2020-25685 "
},
{
"trust": 0.8,
"url": "cve-2020-25686 "
},
{
"trust": 0.8,
"url": "cve-2020-25687 "
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90340376/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25686"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25685"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qgb7hl3owhtlepsmldgomxqkg3km2qme/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wyw3ir6apuskoykl5ft3actihwhgqy32/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161281/red-hat-security-advisory-2021-0401-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161535/ubuntu-security-notice-usn-4698-2.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161085/gentoo-linux-security-advisory-202101-17.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0699"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0864"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210120-01-dnspooq-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0987"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0283/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-019-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0692"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1088"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0420"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021070106"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-dnsmasq-dns-2021-c5mrdf3g"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-security-vulnerabilities-cve-2020-25684-cve-2020-25685-cve-2020-25686/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021122911"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-25685"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-25684"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-25686"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-001"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/errata/rhsa-2021:0156"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25682"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25687"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25683"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25681"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/knqyf263/dnspooq"
},
{
"trust": 0.1,
"url": "https://security.archlinux.org/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25682"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25687"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0150"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25681"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25683"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0154"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.7"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14834"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4698-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.82-1ubuntu1.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.80-1.1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0245"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/dnsmasq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#434904"
},
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "PACKETSTORM",
"id": "161012"
},
{
"db": "PACKETSTORM",
"id": "161020"
},
{
"db": "PACKETSTORM",
"id": "161019"
},
{
"db": "PACKETSTORM",
"id": "161010"
},
{
"db": "PACKETSTORM",
"id": "161015"
},
{
"db": "PACKETSTORM",
"id": "161101"
},
{
"db": "PACKETSTORM",
"id": "169002"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
},
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#434904"
},
{
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"db": "PACKETSTORM",
"id": "161012"
},
{
"db": "PACKETSTORM",
"id": "161020"
},
{
"db": "PACKETSTORM",
"id": "161019"
},
{
"db": "PACKETSTORM",
"id": "161010"
},
{
"db": "PACKETSTORM",
"id": "161015"
},
{
"db": "PACKETSTORM",
"id": "161101"
},
{
"db": "PACKETSTORM",
"id": "169002"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
},
{
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-19T00:00:00",
"db": "CERT/CC",
"id": "VU#434904"
},
{
"date": "2021-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"date": "2021-01-20T00:00:00",
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"date": "2021-10-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"date": "2021-01-19T14:45:12",
"db": "PACKETSTORM",
"id": "161012"
},
{
"date": "2021-01-19T14:46:21",
"db": "PACKETSTORM",
"id": "161020"
},
{
"date": "2021-01-19T14:46:12",
"db": "PACKETSTORM",
"id": "161019"
},
{
"date": "2021-01-19T14:43:50",
"db": "PACKETSTORM",
"id": "161010"
},
{
"date": "2021-01-19T14:45:36",
"db": "PACKETSTORM",
"id": "161015"
},
{
"date": "2021-01-25T17:28:57",
"db": "PACKETSTORM",
"id": "161101"
},
{
"date": "2021-02-28T20:12:00",
"db": "PACKETSTORM",
"id": "169002"
},
{
"date": "2021-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1611"
},
{
"date": "2021-01-20T16:15:14.163000",
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-06T00:00:00",
"db": "CERT/CC",
"id": "VU#434904"
},
{
"date": "2021-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16431"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-25684"
},
{
"date": "2021-10-04T08:30:00",
"db": "JVNDB",
"id": "JVNDB-2020-015547"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1611"
},
{
"date": "2023-11-07T03:20:22.107000",
"db": "NVD",
"id": "CVE-2020-25684"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "161010"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dnsmasq is vulnerable to memory corruption and cache poisoning",
"sources": [
{
"db": "CERT/CC",
"id": "VU#434904"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-1611"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.