CVE Vulnerability

CVE-2008-3214

dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.

7.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.openwall.com/lists/oss-security/2008/06/30/7
http://www.openwall.com/lists/oss-security/2008/07/01/8
http://www.openwall.com/lists/oss-security/2008/07/02/4
http://www.openwall.com/lists/oss-security/2008/07/03/4
http://www.openwall.com/lists/oss-security/2008/07/08/8
http://www.openwall.com/lists/oss-security/2008/07/12/3 Exploit
http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438 Exploit
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://exchange.xforce.ibmcloud.com/vulnerabilities/43929
Configurations

Configuration 1

cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*
Information

Published : 2008-07-18 04:41

Updated : 2017-08-08 01:31

NVD link : CVE-2008-3214

Mitre link : CVE-2008-3214

Products Affected
No products.
CWE
CWE-20