CVE-2005-0877Origin Validation Error in Dnsmasq

CWE-346Origin Validation Error6 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 83.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Thekelleys Dnsmasq
Timeline
PublishedMay 2
Latest updateMay 1

Description

Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDthekelleys/dnsmasq< 2.21
Debianthekelleys/dnsmasq< 2.21+3

Patches

Patch: secunia.comPatch: www.securityfocus.comPatch: secunia.com

🔴Vulnerability Details

3
GHSA
GHSA-h3r9-mx35-pp5w: Dnsmasq before 22022-05-01
OSV
CVE-2005-0877: Dnsmasq before 22005-05-02
CVEList
CVE-2005-0877: Dnsmasq before 22005-03-26

📋Vendor Advisories

2
Red Hat
dnsmasq: DNS cache poisoning from local network may lead to DoS2021-10-02
Debian
CVE-2005-0877: dnsmasq - Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers ...2005