CVE-2017-14494
published 2017-10-03CVE-2017-14494: dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded…
medium5.9CVSS 3.0
AVNACHPRNUINSUCHINAN
EXPLOIT
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | dnsmasq | < dnsmasq 2.78-1 (bookworm) | dnsmasq 2.78-1 (bookworm) |
| novell | leap | — | — |
| novell | leap | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| thekelleys | dnsmasq | <= 2.77 | — |
| thekelleys | dnsmasq | >= 0 < 2.78-1 | 2.78-1 |
| thekelleys | dnsmasq | >= 0 < 2.78-1 | 2.78-1 |
| thekelleys | dnsmasq | >= 0 < 2.78-1 | 2.78-1 |
| thekelleys | dnsmasq | >= 0 < 2.78-1 | 2.78-1 |
| thekelleys | dnsmasq | >= 0 < 2.68-1ubuntu0.2 | 2.68-1ubuntu0.2 |
| thekelleys | dnsmasq | >= 0 < 2.75-1ubuntu0.16.04.3 | 2.75-1ubuntu0.16.04.3 |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
osv9.8CRITICAL