Slackware Advisory SSA:2005-201-01 Dnsmasq Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2005-201-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-201-01

Insight

New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877

Severity

Classification

CVE CVE-2005-0876, CVE-2005-0877

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Slackware Advisory SSA:2006-207-03 gimp
Slackware Advisory SSA:2006-123-02 firefox
Slackware Advisory SSA:2003-141-03 glibc XDR overflow fix
Slackware Advisory SSA:2007-093-03 qt
Slackware Advisory SSA:2005-203-03 zlib

Slackware Advisory SSA:2005-201-01 dnsmasq

Take action and discover your vulnerabilities