September 1, 2009

Ubuntu Security Notice 827-1: Dnsmasq vulnerabilities

Article Source Ubuntu Security Notices
September 1, 2009, 2:50 pm

IvAin Arce, Pablo HernAin Jorge, Alejandro Pablo Rodriguez, MartA¬â n Coco, Alberto SoliAto Testa and Pablo Annetta discovered that Dnsmasq did not properly validate its input when processing TFTP requests for files with long names. A remote attacker could cause a denial of service or execute arbitrary code with user privileges. Dnsmasq runs as the 'dnsmasq' user by default on Ubuntu. (CVE-2009-2957)...

Read More

Click Here!