Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-2958Dnsmasq vulnerability

CWE-3999 documents9 sources
Severity
4.3MEDIUMNVD
EPSS
1.1%
top 21.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Thekelleys Dnsmasq
Timeline
PublishedSep 2
Latest updateMay 2

Description

The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

Debianthekelleys/dnsmasq< 2.50-1+3
NVDthekelleys/dnsmasq2.49+75

🔴Vulnerability Details

3
GHSA
GHSA-m4qp-3gf5-73rm: The tftp_request function in tftp2022-05-02
OSV
CVE-2009-2958: The tftp_request function in tftp2009-09-02
CVEList
CVE-2009-2958: The tftp_request function in tftp2009-09-02

💥Exploits & PoCs

1
Exploit-DB
Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference2009-09-09

📋Vendor Advisories

3
Ubuntu
Dnsmasq vulnerabilities2009-09-01
Red Hat
dnsmasq: multiple vulnerabilities in TFTP server2009-08-31
Debian
CVE-2009-2958: dnsmasq - The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp i...2009

💬Community

1
Bugzilla
CVE-2009-2957, CVE-2009-2958 dnsmasq: multiple vulnerabilities in TFTP server2009-08-24
CVE-2009-2958 — Thekelleys Dnsmasq vulnerability | cvebase