CVE-2005-0876Improper Restriction of Operations within the Bounds of a Memory Buffer in Dnsmasq

5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
2.2%
top 15.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Thekelleys DnsmasqDnsmasq
Timeline
PublishedMay 2
Latest updateMay 1

Description

Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debianthekelleys/dnsmasq< 2.21+3
NVDdnsmasq/dnsmasq7 versions+6

Patches

Patch: secunia.comPatch: www.securityfocus.comPatch: secunia.com

🔴Vulnerability Details

3
GHSA
GHSA-cjw9-x64q-vcrq: Off-by-one buffer overflow in Dnsmasq before 22022-05-01
OSV
CVE-2005-0876: Off-by-one buffer overflow in Dnsmasq before 22005-05-02
CVEList
CVE-2005-0876: Off-by-one buffer overflow in Dnsmasq before 22005-03-26

📋Vendor Advisories

1
Debian
CVE-2005-0876: dnsmasq - Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute...2005