Dnsmasq 缓冲区错误漏洞

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:2841

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:2840

来源:CONFIRM

链接:https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/

来源:CONFIRM

链接:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en

来源:EXPLOIT-DB

链接:https://www.exploit-db.com/exploits/42941/

来源:MISC

链接:https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

来源:BID

链接:https://www.securityfocus.com/bid/101977

来源:www.kb.cert.org

链接:http://www.kb.cert.org/vuls/id/973527

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2017:2837

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2017:2836

来源:ics-cert.us-cert.gov

链接:https://ics-cert.us-cert.gov/advisories/ICSA-17-332-01

来源:github.com

链接:https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14496.py

来源:www.debian.org

链接:https://www.debian.org/security/2017/dsa-3989

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2017-14496

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2017-14495

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2017-14494

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2017-14493

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2017-14492

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495409Bug1495409

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2017-14491

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/CVE-2017-13704

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495510

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495416

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495415

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495412

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495411

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1495410

来源:source.android.com

链接:https://source.android.com/security/bulletin/2017-10-01

来源:www.slackware.com

链接:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.601472

来源:github.com

链接:https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG.md

来源:github.com

链接:https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14495.py

来源:github.com

链接:https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14494.py

来源:github.com

链接:https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14493.py

来源:github.com

链接:https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14492.py

来源:github.com

链接:https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14491.py

来源:www.thekelleys.org.uk

链接:http://www.thekelleys.org.uk/dnsmasq/doc.html

来源:www.thekelleys.org.uk

链接:http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html

来源:MLIST

链接:https://www.mail-archive.com/[email protected]/msg11665.html

来源:CONFIRM

链接:http://thekelleys.org.uk/dnsmasq/CHANGELOG

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/

来源:CONFIRM

链接:https://access.redhat.com/security/vulnerabilities/3199382

来源:CONFIRM

链接:http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/

来源:BID

链接:https://www.securityfocus.com/bid/101085

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:2838

来源:GENTOO

链接:https://security.gentoo.org/glsa/201710-27

来源:CONFIRM

链接:http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:2839

来源:MLIST

链接:https://www.mail-archive.com/[email protected]/msg11664.html

来源:UBUNTU

链接:http://www.ubuntu.com/usn/USN-3430-3

来源:UBUNTU

链接:http://www.ubuntu.com/usn/USN-3430-2

来源:UBUNTU

链接:http://www.ubuntu.com/usn/USN-3430-1

来源:CONFIRM

链接:http://nvidia.custhelp.com/app/answers/detail/a_id/4561

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html

来源:MISC

链接:https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30

来源:CONFIRM

链接:https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf

来源:CONFIRM

链接:http://nvidia.custhelp.com/app/answers/detail/a_id/4560

来源:CERT-VN

链接:https://www.kb.cert.org/vuls/id/973527

来源:CONFIRM

链接:https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

来源:CONFIRM

链接:https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/

来源:MISC

链接:https://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html

来源:SECTRACK

链接:http://www.securitytracker.com/id/1039474

来源:www.securityfocus.com

链接:http://www.securityfocus.com/bid/101085

来源:us-cert.cisa.gov

链接:https://us-cert.cisa.gov/ics/advisories/ICSA-17-332-01

来源:www.securityfocus.com

链接:https://www.securityfocus.com/bid/101085