1. CVE-Search
  2. CVE-2005-0876
ID CVE-2005-0876
Summary Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.
References
Vulnerable Configurations
  • cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*
    cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 12897
confirm http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
secunia 14691
vuln-dev 20050329 dnsmasq <2.21 off-by-one
xf dnsmasq-dhcp-offbyone-bo(19825)
Last major update 11-07-2017 - 01:32
Published 02-05-2005 - 04:00
Last modified 11-07-2017 - 01:32
Back to Top