LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

dnsmasq: heap overflow, NULL pointer dereference

Package(s):dnsmasq CVE #(s):CVE-2009-2957 CVE-2009-2958
Created:September 1, 2009 Updated:October 14, 2009
Description: From the Red Hat advisory:

Core Security Technologies discovered a heap overflow flaw in dnsmasq when the TFTP service is enabled (the "--enable-tftp" command line option, or by enabling "enable-tftp" in "/etc/dnsmasq.conf"). If the configured tftp-root is sufficiently long, and a remote user sends a request that sends a long file name, dnsmasq could crash or, possibly, execute arbitrary code with the privileges of the dnsmasq service (usually the unprivileged "nobody" user). (CVE-2009-2957)

A NULL pointer dereference flaw was discovered in dnsmasq when the TFTP service is enabled. This flaw could allow a malicious TFTP client to crash the dnsmasq service. (CVE-2009-2958)

Alerts:
Fedora FEDORA-2009-10285 2009-10-06
Gentoo 200909-19 2009-09-20
Ubuntu USN-827-1 2009-09-01
Debian DSA-1876-1 2009-09-01
CentOS CESA-2009:1238 2009-09-01
SuSE SUSE-SR:2009:014 2009-09-01
Red Hat RHSA-2009:1238-01 2009-08-31
Fedora FEDORA-2009-10252 2009-10-06
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds