ClearOS Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


This article is currently being written.

CVE 2017-14496

'Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the –add-mac, –add-cpe-id or –add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. '

ClearCenter response

Short response

This issue was resolved in a backported fix. Current up to date versions not affected.

Long response

This issue was resolved in ddnsmasq-2.76-2 for ClearOS 7.x. Systems with this version of dnsmasq or higher are not affected by this issue. ClearOS 6 systems are not affected by this vulnerability.

Resolution

To validate that you are running dnsmasq-2.76-2 or higher by issuing the following command:

rpm -qi dnsmasq

If you are running a lesser version than dnsmasq-2.76-2 on ClearOS 7, please update your system by running:

yum update
content/en_us/announcements_cve_cve-2017-14496.txt · Last modified: 2017/12/20 10:06 by dloper

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Aannouncements_cve_cve-2017-14496&1566617877