Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3411

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-3411
Last Modified 05 Dec 2013 12:15:37
Published 05 Mar 2013 04:38:54
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3411

Summary

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.

Vulnerable Systems

Application

  • Thekelleys Dnsmasq -

  • Thekelleys Dnsmasq 0.4

  • Thekelleys Dnsmasq 0.5

  • Thekelleys Dnsmasq 0.6

  • Thekelleys Dnsmasq 0.7

  • Thekelleys Dnsmasq 0.95

  • Thekelleys Dnsmasq 0.96

  • Thekelleys Dnsmasq 0.98

  • Thekelleys Dnsmasq 0.992

  • Thekelleys Dnsmasq 0.996

  • Thekelleys Dnsmasq 1.0

  • Thekelleys Dnsmasq 1.10

  • Thekelleys Dnsmasq 1.11

  • Thekelleys Dnsmasq 1.12

  • Thekelleys Dnsmasq 1.13

  • Thekelleys Dnsmasq 1.14

  • Thekelleys Dnsmasq 1.15

  • Thekelleys Dnsmasq 1.16

  • Thekelleys Dnsmasq 1.17

  • Thekelleys Dnsmasq 1.18

  • Thekelleys Dnsmasq 1.2

  • Thekelleys Dnsmasq 1.3

  • Thekelleys Dnsmasq 1.4

  • Thekelleys Dnsmasq 1.5

  • Thekelleys Dnsmasq 1.6

  • Thekelleys Dnsmasq 1.7

  • Thekelleys Dnsmasq 1.8

  • Thekelleys Dnsmasq 1.9

  • Thekelleys Dnsmasq 2.0

  • Thekelleys Dnsmasq 2.1

  • Thekelleys Dnsmasq 2.10

  • Thekelleys Dnsmasq 2.11

  • Thekelleys Dnsmasq 2.12

  • Thekelleys Dnsmasq 2.13

  • Thekelleys Dnsmasq 2.14

  • Thekelleys Dnsmasq 2.15

  • Thekelleys Dnsmasq 2.16

  • Thekelleys Dnsmasq 2.17

  • Thekelleys Dnsmasq 2.18

  • Thekelleys Dnsmasq 2.19

  • Thekelleys Dnsmasq 2.2

  • Thekelleys Dnsmasq 2.20

  • Thekelleys Dnsmasq 2.21

  • Thekelleys Dnsmasq 2.22

  • Thekelleys Dnsmasq 2.23

  • Thekelleys Dnsmasq 2.24

  • Thekelleys Dnsmasq 2.25

  • Thekelleys Dnsmasq 2.26

  • Thekelleys Dnsmasq 2.27

  • Thekelleys Dnsmasq 2.28

  • Thekelleys Dnsmasq 2.29

  • Thekelleys Dnsmasq 2.3

  • Thekelleys Dnsmasq 2.30

  • Thekelleys Dnsmasq 2.31

  • Thekelleys Dnsmasq 2.33

  • Thekelleys Dnsmasq 2.34

  • Thekelleys Dnsmasq 2.35

  • Thekelleys Dnsmasq 2.36

  • Thekelleys Dnsmasq 2.37

  • Thekelleys Dnsmasq 2.38

  • Thekelleys Dnsmasq 2.39

  • Thekelleys Dnsmasq 2.4

  • Thekelleys Dnsmasq 2.40

  • Thekelleys Dnsmasq 2.41

  • Thekelleys Dnsmasq 2.42

  • Thekelleys Dnsmasq 2.43

  • Thekelleys Dnsmasq 2.44

  • Thekelleys Dnsmasq 2.45

  • Thekelleys Dnsmasq 2.46

  • Thekelleys Dnsmasq 2.47

  • Thekelleys Dnsmasq 2.48

  • Thekelleys Dnsmasq 2.49

  • Thekelleys Dnsmasq 2.5

  • Thekelleys Dnsmasq 2.50

  • Thekelleys Dnsmasq 2.51

  • Thekelleys Dnsmasq 2.52

  • Thekelleys Dnsmasq 2.53

  • Thekelleys Dnsmasq 2.54

  • Thekelleys Dnsmasq 2.55

  • Thekelleys Dnsmasq 2.56

  • Thekelleys Dnsmasq 2.57

  • Thekelleys Dnsmasq 2.58

  • Thekelleys Dnsmasq 2.59

  • Thekelleys Dnsmasq 2.6

  • Thekelleys Dnsmasq 2.60

  • Thekelleys Dnsmasq 2.61

  • Thekelleys Dnsmasq 2.62

  • Thekelleys Dnsmasq 2.7

  • Thekelleys Dnsmasq 2.8

  • Thekelleys Dnsmasq 2.9


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=833033

CONFIRM - http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

BID - 54353

MLIST - [oss-security] 20120712 Re: Re: CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created

CONFIRM - http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=54dd393f3938fc0c19088fbd319b95e37d81a2b0

CONFIRM - http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=2f38141f434e23292f84cefc33e8de76fb856147

REDHAT - RHSA-2013:0277

REDHAT - RHSA-2013:0276

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372

REDHAT - RHSA-2013:0579

MANDRIVA - MDVSA-2013:072


Last Updated: 27 May 2016 11:02:00