Vulnerabilities > CVE-2017-15107 - Unspecified vulnerability in Thekelleys Dnsmasq
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Vulnerable Configurations
Nessus
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0017_DNSMASQ.NASL description An update of the dnsmasq package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121920 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121920 title Photon OS 2.0: Dnsmasq PHSA-2018-2.0-0017 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0109_LIBTASN1.NASL description An update of the libtasn1 package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121811 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121811 title Photon OS 1.0: Libtasn1 PHSA-2018-1.0-0109 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0109.NASL description An update of 'libtasn1', 'dnsmasq' packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111920 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111920 title Photon OS 1.0: Dnsmasq / Libtasn1 PHSA-2018-1.0-0109 (deprecated) NASL family Fedora Local Security Checks NASL id FEDORA_2018-FBE4017846.NASL description DNSSEC fix for wildcard NSEC records (CVE-2017-15107) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-01-31 plugin id 106522 published 2018-01-31 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106522 title Fedora 27 : dnsmasq (2018-fbe4017846) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2669.NASL description This update for dnsmasq fixes the following issues : Security issues fixed: 	 - CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers to cause denial of service via DHCP response creation (bsc#1154849) - CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance (bsc#1076958). Other issues addressed : - Included linux/sockios.h to get SIOCGSTAMP (bsc#1156543). - Removed cache size limit (bsc#1138743). - bsc#1152539: include config files from /etc/dnsmasq.d/*.conf . This update was imported from the SUSE:SLE-15-SP1:Update update project. last seen 2020-05-09 modified 2019-12-12 plugin id 131994 published 2019-12-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131994 title openSUSE Security Update : dnsmasq (openSUSE-2019-2669) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-1721-1.NASL description This update for dnsmasq fixes the following issues : Security issue fixed : CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance. (bsc#1076958) Non-security issue fixed: Reload system dbus to pick up policy change on install (bsc#1054429). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 126460 published 2019-07-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126460 title SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2019:1721-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1595.NASL description According to the version of the dnsmasq packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.(CVE-2017-15107) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-06 modified 2020-06-02 plugin id 137013 published 2020-06-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137013 title EulerOS 2.0 SP5 : dnsmasq (EulerOS-SA-2020-1595) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-3188-1.NASL description This update for dnsmasq fixes the following issues : Security issues fixed : CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers to cause denial of service via DHCP response creation (bsc#1154849) CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance (bsc#1076958). Other issues addressed: Included linux/sockios.h to get SIOCGSTAMP (bsc#1156543). Removed cache size limit (bsc#1138743). Included config files from /etc/dnsmasq.d/*.conf (bsc#1152539). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-09 modified 2019-12-06 plugin id 131757 published 2019-12-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131757 title SUSE SLED15 / SLES15 Security Update : dnsmasq (SUSE-SU-2019:3188-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1530.NASL description According to the versions of the dnsmasq packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.(CVE-2019-14834) - A vulnerability was found in Dnsmasq last seen 2020-05-09 modified 2020-05-01 plugin id 136233 published 2020-05-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136233 title EulerOS Virtualization for ARM 64 3.0.2.0 : dnsmasq (EulerOS-SA-2020-1530) NASL family Fedora Local Security Checks NASL id FEDORA_2018-9780220F7D.NASL description DNSSEC fix for wildcard NSEC records (CVE-2017-15107) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-02-07 plugin id 106640 published 2018-02-07 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106640 title Fedora 26 : dnsmasq (2018-9780220f7d) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0109_DNSMASQ.NASL description An update of the dnsmasq package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121810 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121810 title Photon OS 1.0: Dnsmasq PHSA-2018-1.0-0109 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0017.NASL description An update of {'libtasn1', 'libtiff', 'dnsmasq'} packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111287 published 2018-07-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111287 title Photon OS 2.0 : libtasn1 / libtiff / dnsmasq (PhotonOS-PHSA-2018-2.0-0017) (deprecated) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-3189-1.NASL description This update for dnsmasq fixes the following issues : Security issues fixed : CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers to cause denial of service via DHCP response creation (bsc#1154849) CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance (bsc#1076958). Other issues addressed: Included linux/sockios.h to get SIOCGSTAMP (bsc#1156543). Removed cache size limit (bsc#1138743). bsc#1152539: include config files from /etc/dnsmasq.d/*.conf . Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-09 modified 2019-12-06 plugin id 131758 published 2019-12-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131758 title SUSE SLED15 / SLES15 Security Update : dnsmasq (SUSE-SU-2019:3189-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1174.NASL description According to the versions of the dnsmasq packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the DNS code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash.i1/4^CVE-2017-13704i1/4%0 - A vulnerability was found in Dnsmasq last seen 2020-03-19 modified 2019-04-09 plugin id 123860 published 2019-04-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123860 title EulerOS Virtualization 2.5.3 : dnsmasq (EulerOS-SA-2019-1174)