CVE-2017-14491

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html Mailing List Third Party Advisory
http://nvidia.custhelp.com/app/answers/detail/a_id/4560 Third Party Advisory
http://nvidia.custhelp.com/app/answers/detail/a_id/4561 Third Party Advisory
http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html Exploit Third Party Advisory VDB Entry
http://thekelleys.org.uk/dnsmasq/CHANGELOG Release Notes Vendor Advisory
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt Third Party Advisory
http://www.debian.org/security/2017/dsa-3989 Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en Third Party Advisory
http://www.securityfocus.com/bid/101085 Broken Link
http://www.securityfocus.com/bid/101977 Broken Link
http://www.securitytracker.com/id/1039474 Broken Link
http://www.ubuntu.com/usn/USN-3430-1 Third Party Advisory
http://www.ubuntu.com/usn/USN-3430-2 Third Party Advisory
http://www.ubuntu.com/usn/USN-3430-3 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2836 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2837 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2838 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2839 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2840 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2841 Third Party Advisory
https://access.redhat.com/security/vulnerabilities/3199382 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/
https://security.gentoo.org/glsa/201710-27 Third Party Advisory
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 Mitigation Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449 Third Party Advisory
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/ Third Party Advisory
https://www.debian.org/security/2017/dsa-3989 Third Party Advisory
https://www.exploit-db.com/exploits/42941/ Exploit Third Party Advisory VDB Entry
https://www.kb.cert.org/vuls/id/973527 Third Party Advisory US Government Resource
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*

Configuration 11 (hide)

OR cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*

Configuration 16 (hide)

OR cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*

Configuration 17 (hide)

OR cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*
cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*
History

07 Nov 2023, 02:39

Type Values Removed Values Added
References
  • {'url': 'http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc', 'name': 'http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc', 'tags': ['Mailing List', 'Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'}
  • {'url': 'https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html', 'name': '[dnsmasq-discuss] 20171002 IMPORTANT SECURITY INFORMATION.', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/', 'name': 'FEDORA-2017-515264ae24', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html', 'name': '[dnsmasq-discuss] 20171002 Announce: dnsmasq-2.78.', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/', 'name': 'FEDORA-2017-7106a157f5', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/', 'name': 'FEDORA-2017-24f067299e', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ -
  • () http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc -
  • () https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html -
  • () https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ -

22 Apr 2022, 20:39

Type Values Removed Values Added
CPE cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*		 cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*
cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
First Time Microsoft windows
Microsoft
Siemens
Siemens scalance W1750d Firmware
Siemens scalance S615
Synology diskstation Manager
Arista
Nvidia jetson Tk1
Arubanetworks
Arista eos
Huawei
Arubanetworks arubaos
Opensuse
Siemens scalance W1750d
Synology
Nvidia linux For Tegra
Huawei honor V9 Play Firmware
Siemens scalance M-800
Suse linux Enterprise Debuginfo
Nvidia
Nvidia geforce Experience
Suse linux Enterprise Server
Siemens ruggedcom Rm1224
Siemens scalance S615 Firmware
Siemens scalance M-800 Firmware
Suse
Synology router Manager
Opensuse leap
Siemens ruggedcom Rm1224 Firmware
Suse linux Enterprise Point Of Sale
Huawei honor V9 Play
Nvidia jetson Tx1
CWE CWE-119 CWE-787
References (SECTRACK) http://www.securitytracker.com/id/1039474 - Third Party Advisory, VDB Entry (SECTRACK) http://www.securitytracker.com/id/1039474 - Broken Link
References (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4561 - (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4561 - Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html - (MISC) http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html - Exploit, Third Party Advisory, VDB Entry
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf - Patch, Third Party Advisory
References (CONFIRM) https://access.redhat.com/security/vulnerabilities/3199382 - Issue Tracking, Third Party Advisory (CONFIRM) https://access.redhat.com/security/vulnerabilities/3199382 - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2017/dsa-3989 - (DEBIAN) https://www.debian.org/security/2017/dsa-3989 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/101977 - (BID) http://www.securityfocus.com/bid/101977 - Broken Link
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ - Mailing List, Third Party Advisory
References (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt - (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt - Third Party Advisory
References (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449 - (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449 - Third Party Advisory
References (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/ - (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/ - Third Party Advisory
References (GENTOO) https://security.gentoo.org/glsa/201710-27 - (GENTOO) https://security.gentoo.org/glsa/201710-27 - Third Party Advisory
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/42941/ - Third Party Advisory, VDB Entry (EXPLOIT-DB) https://www.exploit-db.com/exploits/42941/ - Exploit, Third Party Advisory, VDB Entry
References (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4560 - (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4560 - Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html - Mailing List, Third Party Advisory
References (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 - (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 - Mitigation, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ - Mailing List, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html - Third Party Advisory (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html - Mailing List, Third Party Advisory
References (BID) http://www.securityfocus.com/bid/101085 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/101085 - Broken Link
References (CONFIRM) http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en - (CONFIRM) http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en - Third Party Advisory
References (CONFIRM) http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc - Patch, Vendor Advisory (CONFIRM) http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc - Mailing List, Patch, Vendor Advisory
References (CONFIRM) https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq - (CONFIRM) https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ - Mailing List, Third Party Advisory
References (UBUNTU) http://www.ubuntu.com/usn/USN-3430-3 - (UBUNTU) http://www.ubuntu.com/usn/USN-3430-3 - Third Party Advisory

17 Nov 2021, 22:16

Type Values Removed Values Added
References
  • (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/ -
  • (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449 -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ -
  • (UBUNTU) http://www.ubuntu.com/usn/USN-3430-3 -
  • (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ -
  • (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4560 -
  • (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html -
  • (MISC) http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html -
  • (DEBIAN) https://www.debian.org/security/2017/dsa-3989 -
  • (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html -
  • (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 -
  • (CONFIRM) http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en -

10 Nov 2021, 01:15

Type Values Removed Values Added
References
  • {'url': 'https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/', 'name': 'https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/', 'tags': [], 'refsource': 'CONFIRM'}
  • {'url': 'https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449', 'name': 'https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449', 'tags': [], 'refsource': 'CONFIRM'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/', 'name': 'FEDORA-2017-7106a157f5', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'http://www.ubuntu.com/usn/USN-3430-3', 'name': 'USN-3430-3', 'tags': [], 'refsource': 'UBUNTU'}
  • {'url': 'http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html', 'name': 'SUSE-SU-2017:2617', 'tags': [], 'refsource': 'SUSE'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/', 'name': 'FEDORA-2017-515264ae24', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/', 'name': 'FEDORA-2017-24f067299e', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'http://nvidia.custhelp.com/app/answers/detail/a_id/4560', 'name': 'http://nvidia.custhelp.com/app/answers/detail/a_id/4560', 'tags': [], 'refsource': 'CONFIRM'}
  • {'url': 'http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html', 'name': 'SUSE-SU-2017:2619', 'tags': [], 'refsource': 'SUSE'}
  • {'url': 'http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html', 'name': 'http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://www.debian.org/security/2017/dsa-3989', 'name': 'DSA-3989', 'tags': [], 'refsource': 'DEBIAN'}
  • {'url': 'http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html', 'name': 'SUSE-SU-2017:2616', 'tags': [], 'refsource': 'SUSE'}
  • {'url': 'https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30', 'name': 'https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en', 'name': 'http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en', 'tags': [], 'refsource': 'CONFIRM'}

08 Nov 2021, 12:15

Type Values Removed Values Added
References
  • (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/ -
  • (CONFIRM) https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449 -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ -
  • (UBUNTU) http://www.ubuntu.com/usn/USN-3430-3 -
  • (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ -
  • (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4560 -
  • (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html -
  • (MISC) http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html -
  • (DEBIAN) https://www.debian.org/security/2017/dsa-3989 -
  • (SUSE) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html -
  • (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 -
  • (CONFIRM) http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en -
Information

Published : 2017-10-04 01:29

Updated : 2023-12-10 12:15

NVD link : CVE-2017-14491

Mitre link : CVE-2017-14491

CVE.ORG link : CVE-2017-14491

JSON object : View

Products Affected

opensuse

  • leap

canonical

  • ubuntu_linux

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server
  • enterprise_linux_workstation

siemens

  • scalance_w1750d_firmware
  • scalance_m-800_firmware
  • ruggedcom_rm1224
  • scalance_m-800
  • scalance_w1750d
  • scalance_s615
  • scalance_s615_firmware
  • ruggedcom_rm1224_firmware

debian

  • debian_linux

nvidia

  • linux_for_tegra
  • geforce_experience
  • jetson_tk1
  • jetson_tx1

arubanetworks

  • arubaos

suse

  • linux_enterprise_debuginfo
  • linux_enterprise_point_of_sale
  • linux_enterprise_server

microsoft

  • windows

arista

  • eos

huawei

  • honor_v9_play_firmware
  • honor_v9_play

synology

  • router_manager
  • diskstation_manager

thekelleys

  • dnsmasq
CWE
CWE-787

Out-of-bounds Write