Vulnerabilities > Thekelleys

DATE CVE VULNERABILITY TITLE RISK
2009-09-02 CVE-2009-2957 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Thekelleys Dnsmasq
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
6.8
2008-07-18 CVE-2008-3214 Improper Input Validation vulnerability in Thekelleys Dnsmasq 2.25
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
network
low complexity
thekelleys CWE-20
7.8
2005-05-02 CVE-2005-0877 Origin Validation Error vulnerability in Thekelleys Dnsmasq
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
network
low complexity
thekelleys CWE-346
7.5