CVE-2009-2957: Buffer Overflow
First published: Mon Aug 24 2009(Updated: )
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/dnsmasq | <0:2.45-1.1.el5_3 | 0:2.45-1.1.el5_3 |
| the kelleys dnsmasq | <=2.49 | |
| the kelleys dnsmasq | =0.4 | |
| the kelleys dnsmasq | =0.5 | |
| the kelleys dnsmasq | =0.6 | |
| the kelleys dnsmasq | =0.7 | |
| the kelleys dnsmasq | =0.95 | |
| the kelleys dnsmasq | =0.96 | |
| the kelleys dnsmasq | =0.98 | |
| the kelleys dnsmasq | =0.992 | |
| the kelleys dnsmasq | =0.996 | |
| the kelleys dnsmasq | =1.0 | |
| the kelleys dnsmasq | =1.2 | |
| the kelleys dnsmasq | =1.3 | |
| the kelleys dnsmasq | =1.4 | |
| the kelleys dnsmasq | =1.5 | |
| the kelleys dnsmasq | =1.6 | |
| the kelleys dnsmasq | =1.7 | |
| the kelleys dnsmasq | =1.8 | |
| the kelleys dnsmasq | =1.9 | |
| the kelleys dnsmasq | =1.10 | |
| the kelleys dnsmasq | =1.11 | |
| the kelleys dnsmasq | =1.12 | |
| the kelleys dnsmasq | =1.13 | |
| the kelleys dnsmasq | =1.14 | |
| the kelleys dnsmasq | =1.15 | |
| the kelleys dnsmasq | =1.16 | |
| the kelleys dnsmasq | =1.17 | |
| the kelleys dnsmasq | =1.18 | |
| the kelleys dnsmasq | =2.0 | |
| the kelleys dnsmasq | =2.1 | |
| the kelleys dnsmasq | =2.2 | |
| the kelleys dnsmasq | =2.3 | |
| the kelleys dnsmasq | =2.4 | |
| the kelleys dnsmasq | =2.5 | |
| the kelleys dnsmasq | =2.6 | |
| the kelleys dnsmasq | =2.7 | |
| the kelleys dnsmasq | =2.8 | |
| the kelleys dnsmasq | =2.9 | |
| the kelleys dnsmasq | =2.10 | |
| the kelleys dnsmasq | =2.11 | |
| the kelleys dnsmasq | =2.12 | |
| the kelleys dnsmasq | =2.13 | |
| the kelleys dnsmasq | =2.14 | |
| the kelleys dnsmasq | =2.15 | |
| the kelleys dnsmasq | =2.16 | |
| the kelleys dnsmasq | =2.17 | |
| the kelleys dnsmasq | =2.18 | |
| the kelleys dnsmasq | =2.19 | |
| the kelleys dnsmasq | =2.20 | |
| the kelleys dnsmasq | =2.21 | |
| the kelleys dnsmasq | =2.22 | |
| the kelleys dnsmasq | =2.23 | |
| the kelleys dnsmasq | =2.24 | |
| the kelleys dnsmasq | =2.25 | |
| the kelleys dnsmasq | =2.26 | |
| the kelleys dnsmasq | =2.27 | |
| the kelleys dnsmasq | =2.28 | |
| the kelleys dnsmasq | =2.29 | |
| the kelleys dnsmasq | =2.30 | |
| the kelleys dnsmasq | =2.31 | |
| the kelleys dnsmasq | =2.33 | |
| the kelleys dnsmasq | =2.34 | |
| the kelleys dnsmasq | =2.35 | |
| the kelleys dnsmasq | =2.36 | |
| the kelleys dnsmasq | =2.37 | |
| the kelleys dnsmasq | =2.38 | |
| the kelleys dnsmasq | =2.39 | |
| the kelleys dnsmasq | =2.40 | |
| the kelleys dnsmasq | =2.41 | |
| the kelleys dnsmasq | =2.42 | |
| the kelleys dnsmasq | =2.43 | |
| the kelleys dnsmasq | =2.44 | |
| the kelleys dnsmasq | =2.45 | |
| the kelleys dnsmasq | =2.46 | |
| the kelleys dnsmasq | =2.47 | |
| the kelleys dnsmasq | =2.48 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=519020
- http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
- http://www.coresecurity.com/content/dnsmasq-vulnerabilities
- http://www.securityfocus.com/bid/36121
- https://rhn.redhat.com/errata/RHSA-2010-0095.html
- http://secunia.com/advisories/36563
- http://www.redhat.com/support/errata/RHSA-2009-1238.html
- http://www.ubuntu.com/usn/USN-827-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10538
- https://access.redhat.com/security/cve/CVE-2009-2957
- https://access.redhat.com/security/cve/CVE-2009-2958
- http://www.thekelleys.org.uk/dnsmasq/
- https://rhn.redhat.com/errata/RHSA-2009-1238.html
- https://www.cve.org/CVERecord?id=CVE-2009-2957 https://nvd.nist.gov/vuln/detail/CVE-2009-2957
- https://access.redhat.com/errata/RHSA-2009:1238
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json
Frequently Asked Questions
What is the severity of CVE-2009-2957?
CVE-2009-2957 is classified as a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2009-2957?
To fix CVE-2009-2957, upgrade dnsmasq to version 2.50 or later.
Which versions of dnsmasq are affected by CVE-2009-2957?
CVE-2009-2957 affects dnsmasq versions prior to 2.50, including 0.4 to 2.49.
Can CVE-2009-2957 be exploited remotely?
Yes, CVE-2009-2957 can be exploited remotely through a crafted TFTP packet.
What symptoms indicate a potential CVE-2009-2957 exploitation?
Symptoms may include unexpected system behavior or crashes related to dnsmasq's TFTP service.
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-2957
- agent/remedy
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/redhat-cve
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- package-manager/redhat
- vendor/thekelleys
- canonical/the kelleys dnsmasq
- version/the kelleys dnsmasq/2.49
- version/the kelleys dnsmasq/0.4
- version/the kelleys dnsmasq/0.5
- version/the kelleys dnsmasq/0.6
- version/the kelleys dnsmasq/0.7
- version/the kelleys dnsmasq/0.95
- version/the kelleys dnsmasq/0.96
- version/the kelleys dnsmasq/0.98
- version/the kelleys dnsmasq/0.992
- version/the kelleys dnsmasq/0.996
- version/the kelleys dnsmasq/1.0
- version/the kelleys dnsmasq/1.2
- version/the kelleys dnsmasq/1.3
- version/the kelleys dnsmasq/1.4
- version/the kelleys dnsmasq/1.5
- version/the kelleys dnsmasq/1.6
- version/the kelleys dnsmasq/1.7
- version/the kelleys dnsmasq/1.8
- version/the kelleys dnsmasq/1.9
- version/the kelleys dnsmasq/1.10
- version/the kelleys dnsmasq/1.11
- version/the kelleys dnsmasq/1.12
- version/the kelleys dnsmasq/1.13
- version/the kelleys dnsmasq/1.14
- version/the kelleys dnsmasq/1.15
- version/the kelleys dnsmasq/1.16
- version/the kelleys dnsmasq/1.17
- version/the kelleys dnsmasq/1.18
- version/the kelleys dnsmasq/2.0
- version/the kelleys dnsmasq/2.1
- version/the kelleys dnsmasq/2.2
- version/the kelleys dnsmasq/2.3
- version/the kelleys dnsmasq/2.4
- version/the kelleys dnsmasq/2.5
- version/the kelleys dnsmasq/2.6
- version/the kelleys dnsmasq/2.7
- version/the kelleys dnsmasq/2.8
- version/the kelleys dnsmasq/2.9
- version/the kelleys dnsmasq/2.10
- version/the kelleys dnsmasq/2.11
- version/the kelleys dnsmasq/2.12
- version/the kelleys dnsmasq/2.13
- version/the kelleys dnsmasq/2.14
- version/the kelleys dnsmasq/2.15
- version/the kelleys dnsmasq/2.16
- version/the kelleys dnsmasq/2.17
- version/the kelleys dnsmasq/2.18
- version/the kelleys dnsmasq/2.19
- version/the kelleys dnsmasq/2.20
- version/the kelleys dnsmasq/2.21
- version/the kelleys dnsmasq/2.22
- version/the kelleys dnsmasq/2.23
- version/the kelleys dnsmasq/2.24
- version/the kelleys dnsmasq/2.25
- version/the kelleys dnsmasq/2.26
- version/the kelleys dnsmasq/2.27
- version/the kelleys dnsmasq/2.28
- version/the kelleys dnsmasq/2.29
- version/the kelleys dnsmasq/2.30
- version/the kelleys dnsmasq/2.31
- version/the kelleys dnsmasq/2.33
- version/the kelleys dnsmasq/2.34
- version/the kelleys dnsmasq/2.35
- version/the kelleys dnsmasq/2.36
- version/the kelleys dnsmasq/2.37
- version/the kelleys dnsmasq/2.38
- version/the kelleys dnsmasq/2.39
- version/the kelleys dnsmasq/2.40
- version/the kelleys dnsmasq/2.41
- version/the kelleys dnsmasq/2.42
- version/the kelleys dnsmasq/2.43
- version/the kelleys dnsmasq/2.44
- version/the kelleys dnsmasq/2.45
- version/the kelleys dnsmasq/2.46
- version/the kelleys dnsmasq/2.47
- version/the kelleys dnsmasq/2.48