Gentoo Archives: gentoo-announce

From: Alex Legler <a3li@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200909-19 ] Dnsmasq: Multiple vulnerabilities
Date: Sun, 20 Sep 2009 19:37:04
Message-Id: 20090920205846.30e02ac3@mail.netloc.info
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200909-19
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Dnsmasq: Multiple vulnerabilities
9 Date: September 20, 2009
10 Bugs: #282653
11 ID: 200909-19
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities in Dnsmasq might result in the remote
19 execution of arbitrary code, or a Denial of Service.
20
21 Background
22 ==========
23
24 Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP
25 server. It includes support for Trivial FTP (TFTP).
26
27 Affected packages
28 =================
29
30 -------------------------------------------------------------------
31 Package / Vulnerable / Unaffected
32 -------------------------------------------------------------------
33 1 net-dns/dnsmasq < 2.5.0 >= 2.5.0
34
35 Description
36 ===========
37
38 Multiple vulnerabilities have been reported in the TFTP functionality
39 included in Dnsmasq:
40
41 * Pablo Jorge and Alberto Solino discovered a heap-based buffer
42 overflow (CVE-2009-2957).
43
44 * An anonymous researcher reported a NULL pointer reference
45 (CVE-2009-2958).
46
47 Impact
48 ======
49
50 A remote attacker in the local network could exploit these
51 vulnerabilities by sending specially crafted TFTP requests to a machine
52 running Dnsmasq, possibly resulting in the remote execution of
53 arbitrary code with the privileges of the user running the daemon, or a
54 Denial of Service. NOTE: The TFTP server is not enabled by default.
55
56 Workaround
57 ==========
58
59 You can disable the TFTP server either at buildtime by not enabling the
60 "tftp" USE flag, or at runtime. Make sure "--enable-tftp" is not set in
61 the DNSMASQ_OPTS variable in the /etc/conf.d/dnsmasq file and
62 "enable-tftp" is not set in /etc/dnsmasq.conf, either of which would
63 enable TFTP support if it is compiled in.
64
65 Resolution
66 ==========
67
68 All Dnsmasq users should upgrade to the latest version:
69
70 # emerge --sync
71 # emerge --ask --oneshot --verbose =net-dns/dnsmasq-2.5.0
72
73 References
74 ==========
75
76 [ 1 ] CVE-2009-2957
77 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957
78 [ 2 ] CVE-2009-2958
79 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958
80
81 Availability
82 ============
83
84 This GLSA and any updates to it are available for viewing at
85 the Gentoo Security Website:
86
87 http://security.gentoo.org/glsa/glsa-200909-19.xml
88
89 Concerns?
90 =========
91
92 Security is a primary focus of Gentoo Linux and ensuring the
93 confidentiality and security of our users machines is of utmost
94 importance to us. Any security concerns should be addressed to
95 security@g.o or alternatively, you may file a bug at
96 https://bugs.gentoo.org.
97
98 License
99 =======
100
101 Copyright 2009 Gentoo Foundation, Inc; referenced text
102 belongs to its owner(s).
103
104 The contents of this document are licensed under the
105 Creative Commons - Attribution / Share Alike license.
106
107 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature