CVE-2012-3411

EUVD-2012-3381
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
thekelleysdnsmasq
𝑥
≤ 2.62
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_workstation
6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dnsmasq
bookworm
2.89-1
fixed
bullseye
2.85-1
fixed
sid
2.90-4
fixed
squeeze
no-dsa
trixie
2.90-4
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dnsmasq
hardy
ignored
lucid
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
not-affected
raring
not-affected
saucy
not-affected
libvirt
hardy
ignored
lucid
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
ignored
raring
not-affected
saucy
not-affected
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372
http://rhn.redhat.com/errata/RHSA-2013-0276.html
http://rhn.redhat.com/errata/RHSA-2013-0277.html
http://rhn.redhat.com/errata/RHSA-2013-0579.html
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0
http://www.mandriva.com/security/advisories?name=MDVSA-2013:072
http://www.openwall.com/lists/oss-security/2012/07/12/5
http://www.securityfocus.com/bid/54353
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://bugzilla.redhat.com/show_bug.cgi?id=833033
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372
http://rhn.redhat.com/errata/RHSA-2013-0276.html
http://rhn.redhat.com/errata/RHSA-2013-0277.html
http://rhn.redhat.com/errata/RHSA-2013-0579.html
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0
http://www.mandriva.com/security/advisories?name=MDVSA-2013:072
http://www.openwall.com/lists/oss-security/2012/07/12/5
http://www.securityfocus.com/bid/54353
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://bugzilla.redhat.com/show_bug.cgi?id=833033