11/2/2022 0 Comments D-Link Dsl-2740U Firmware Update![]() JSOF reported multiple memory corruption vulnerabilities in dnsmasq due to boundary checking errors in DNSSEC handling code.ĬVE-2020-25681: A heap-based buffer overflow in dnsmasq in the way it sorts RRSets before validating them with DNSSEC data in an unsolicited DNS responseĬVE-2020-25682: A buffer overflow vulnerability in the way dnsmasq extract names from DNS packets before validating them with DNSSEC dataĬVE-2020-25683: A heap-based buffer overflow in get_rdata subroutine of dnsmasq, when DNSSEC is enabled and before it validates the received DNS entriesĬVE-2020-25687: A heap-based buffer overflow in sort_rrset subroutine of dnsmasq, when DNSSEC is enabled and before it validates the received DNS entries #D Link Dsl 2740U Firmware Update code#Buffer overflow vulnerabilities that could lead to remote code execution.ĭNSmasq below v2.83 is affected by the DNSpooq vulnerabilities: DNS cache poisoning attacks, similar to the Kaminsky attack, but different in some aspects.Ģ. The list of devices industry-wide using dnsmasq that are affected by DNSpooq is long and varied.ĭNSpooq Vulnerability set divides into 2 types of vulnerabilities:ġ. ![]() DNSpooq vulnerabilities include DNS cache poisoning vulnerabilities as well as a potential Remote Code Execution and exploits. Industry and Author refers to this series of vulnerabilities as DNSpooq. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |