CVE-2015-3294 : The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.

Published 2015-05-08 14:59:06

Updated 2018-10-09 19:56:49

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2015-3294

Oracle » Solaris » Version: 11.2
cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
Matching versions
Thekelleys » Dnsmasq » Update RC3
Versions up to, including, (<=) 2.73
cpe:2.3:a:thekelleys:dnsmasq:*:rc3:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2015-3294

Top countries where our scanners detected CVE-2015-3294

Top open port discovered on systems with this issue 53

IPs affected by CVE-2015-3294 684,118

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2015-3294!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2015-3294

EPSS FAQ

1.57%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 87 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-3294

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:P	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2015-3294

CWE-19

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-3294

http://www.securitytracker.com/id/1032195

Dnsmasq Flaw in setup_reply() Lets Remote Users Deny Service - SecurityTracker
https://security.gentoo.org/glsa/201512-01

Dnsmasq: Denial of Service (GLSA 201512-01) — Gentoo security
http://www.ubuntu.com/usn/USN-2593-1

USN-2593-1: Dnsmasq vulnerability | Ubuntu security notices
Vendor Advisory
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html

[Dnsmasq-discuss] dnsmsaq potential vulnerability
Third Party Advisory
http://www.securityfocus.com/bid/74452

Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html

openSUSE-SU-2015:0857-1: moderate: Security update for dnsmasq
http://www.securityfocus.com/archive/1/535354/100/1100/threaded

SecurityFocus
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html

[Dnsmasq-discuss] dnsmsaq potential vulnerability
Exploit
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8

thekelleys.org.uk Git - dnsmasq.git/commitdiff
Patch
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

Oracle Solaris Third Party Bulletin - July 2015
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2015/dsa-3251

Vendor Advisory