Oval Definition:oval:org.mitre.oval:def:13718
Revision Date:2014-06-23Version:20
Title:DSA-1876-1 dnsmasq -- buffer overflow
Description:Several remote vulnerabilities have been discovered in the TFTP component of dnsmasq. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2957 A buffer overflow in TFTP processing may enable arbitrary code execution to attackers which are permitted to use the TFTP service. CVE-2009-2958 Malicious TFTP clients may crash dnsmasq, leading to denial of service. The old stable distribution is not affected by these problems. For the stable distribution, these problems have been fixed in version 2.45-1+lenny1. For the unstable distribution, these problems have been fixed in version 2.50-1. We recommend that you upgrade your dnsmasq packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-2957
CVE-2009-2958
DSA-1876-1
Platform(s):Debian GNU/Linux 5.0
Product(s):dnsmasq
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND nsmasq DPKG is earlier than 2.45-1+lenny1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND nsmasq-base DPKG is earlier than 2.45-1+lenny1
    • BACK