CVE-2005-0877
Published 2005-05-02
CVE-2005-0877: Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Priority P429 · high · 7.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 1.87% (76.8th percentile)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dnsmasq | < dnsmasq 2.21 (bookworm) | dnsmasq 2.21 (bookworm) |
| thekelleys | dnsmasq | < 2.21 | 2.21 |
| thekelleys | dnsmasq | >= 0 < 2.21 | 2.21 |
| thekelleys | dnsmasq | >= 0 < 2.21 | 2.21 |
| thekelleys | dnsmasq | >= 0 < 2.21 | 2.21 |
| thekelleys | dnsmasq | >= 0 < 2.21 | 2.21 |
CVSS provenance
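| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| osv | | 7.5 | HIGH | |
| vendor_debian | | 7.5 | HIGH | |
| vendor_redhat | | 7.5 | HIGH | |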
GHSA
GHSA-h3r9-mx35-pp5w: Dnsmasq before 2
ghsa_unreviewed·2022-05-01
CVE-2005-0877 [MEDIUM] CWE-346 GHSA-h3r9-mx35-pp5w: Dnsmasq before 2
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
OSV
CVE-2005-0877: Dnsmasq before 2
osv·2005-05-02·CVSS 7.5
CVE-2005-0877 [HIGH] CVE-2005-0877: Dnsmasq before 2
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Red Hat
dnsmasq: DNS cache poisoning from local network may lead to DoS
vendor_redhat·2021-10-02·CVSS 7.5
CVE-2005-0877 [HIGH] CWE-346 dnsmasq: DNS cache poisoning from local network may lead to DoS
dnsmasq: DNS cache poisoning from local network may lead to DoS
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Statement: RHOSP deployments are not affected because they pull dnsmasq directly from the rhel-7-server channel. A RHOSP dnsmasq update will therefore not be provided at this time. All RHEL versions are not affected because they have the updated/fixed dnsmasq.
Package: dnsmasq (Red Hat Enterprise Linux 6) - Not affected
Package: dnsmasq (Red Hat Enterprise Linux 7) - Not affected
Package: dnsmasq (Red Hat Enterprise Linux 8) - Not affected
Package: dnsmasq (Red Hat Enterprise Linux 9) - Not affected
Package: dnsmasq (Red Hat OpenStack Platform 10 (Newton)) - Not affected
Package: dnsmasq (Red Hat Op
Debian
CVE-2005-0877: dnsmasq - Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers ...
vendor_debian·2005·CVSS 7.5
CVE-2005-0877 [HIGH] CVE-2005-0877: dnsmasq - Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers ...
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
Scope: local
bookworm: resolved (fixed in 2.21)
bullseye: resolved (fixed in 2.21)
forky: resolved (fixed in 2.21)
sid: resolved (fixed in 2.21)
trixie: resolved (fixed in 2.21)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CWE
Origin Validation Error
mitre_cwe·CVSS 9.8
[CRITICAL] CWE-346 Origin Validation Error
CWE-346: Origin Validation Error
The product does not properly verify that the source of data or communication is valid.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Common Consequences:
Scope: Access Control, Other. Impact: Gain Privileges or Assume Identity, Varies by Context. An attacker can access any functionality that is inadvertently accessible to the source.
Detection Methods:
Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by buil
CWE
Improper Verification of Source of a Communication Channel
mitre_cwe
CWE-940 Improper Verification of Source of a Communication Channel
CWE-940: Improper Verification of Source of a Communication Channel
The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin.
When an attacker can successfully establish a communication channel from an untrusted origin, the attacker may be able to gain privileges and access unexpected functionality.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Common Consequences:
Scope: Access Control, Other. Impact: Gain Privileges or Assume Identity, Varies by Context, Bypass Protection Mechanism. An attacker can access any funct
http://secunia.com/advisories/14691
http://www.securityfocus.com/bid/12897
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://exchange.xforce.ibmcloud.com/vulnerabilities/19826
Published: 2005-05-02