RedHat Update For Dnsmasq RHSA-2008:0789-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Dnsmasq is lightweight DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. The dnsmasq DNS resolver used a fixed source UDP port. This could have made DNS spoofing attacks easier. dnsmasq has been updated to use random UDP source ports, helping to make DNS spoofing attacks harder. (CVE-2008-1447) All dnsmasq users are advised to upgrade to this updated package, that upgrades dnsmasq to version 2.45, which resolves this issue.

Affected

dnsmasq on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2008-August/msg00005.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-1447

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:1470
RedHat Security Advisory RHSA-2009:0057
RedHat Security Advisory RHSA-2009:1625
RedHat Security Advisory RHSA-2009:1490
RedHat Security Advisory RHSA-2009:1453

RedHat Update for dnsmasq RHSA-2008:0789-01

Take action and discover your vulnerabilities