CVE-2008-3214

EUVD-2008-3204
dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
thekelleysdnsmasq
2.25
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dnsmasq
bookworm
2.89-1
fixed
bullseye
2.85-1
fixed
sid
2.90-4
fixed
trixie
2.90-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dnsmasq
dapper
Fixed 2.25-1ubuntu0.1
released
feisty
not-affected
gutsy
not-affected
hardy
not-affected
Common Weakness Enumeration
References
http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
http://www.openwall.com/lists/oss-security/2008/06/30/7
http://www.openwall.com/lists/oss-security/2008/07/01/8
http://www.openwall.com/lists/oss-security/2008/07/02/4
http://www.openwall.com/lists/oss-security/2008/07/03/4
http://www.openwall.com/lists/oss-security/2008/07/08/8
http://www.openwall.com/lists/oss-security/2008/07/12/3
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438
https://exchange.xforce.ibmcloud.com/vulnerabilities/43929
http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
http://www.openwall.com/lists/oss-security/2008/06/30/7
http://www.openwall.com/lists/oss-security/2008/07/01/8
http://www.openwall.com/lists/oss-security/2008/07/02/4
http://www.openwall.com/lists/oss-security/2008/07/03/4
http://www.openwall.com/lists/oss-security/2008/07/08/8
http://www.openwall.com/lists/oss-security/2008/07/12/3
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438
https://exchange.xforce.ibmcloud.com/vulnerabilities/43929