NVD脆弱性詳細

CVE-2009-2958

概要	The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.
公表日	2009年9月3日0:30
登録日	2021年1月29日13:22
最終更新日	2017年9月19日10:29

CVSS2.0 : MEDIUM
スコア	4.3
ベクター	AV:N/AC:M/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:thekelleys:dnsmasq:0.4:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.5:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.6:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.7:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.95:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.96:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.98:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.992:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.996:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.0:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.2:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.3:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.4:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.5:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.6:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.7:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.8:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.9:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.10:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.11:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.12:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.13:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.14:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.15:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.16:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.17:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.18:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.0:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.1:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.2:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.3:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.4:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.5:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.6:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.7:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.8:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.9:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.10:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.11:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.12:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.13:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.14:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.15:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.16:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.17:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.18:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.19:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.20:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.21:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.22:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.23:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.24:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.25:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.26:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.27:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.28:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.29:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.30:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.31:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.33:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.34:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.35:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.36:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.37:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.38:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.39:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.40:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.41:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.42:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.43:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.44:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.45:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.46:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.47:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.48:::::::*
cpe:2.3:a:thekelleys:dnsmasq::::::::		2.49

構成1	以上	以下	より上	未満
cpe:2.3:a:thekelleys:dnsmasq:0.4:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.5:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.6:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.7:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.95:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.96:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.98:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.992:::::::*
cpe:2.3:a:thekelleys:dnsmasq:0.996:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.0:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.2:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.3:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.4:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.5:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.6:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.7:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.8:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.9:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.10:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.11:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.12:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.13:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.14:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.15:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.16:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.17:::::::*
cpe:2.3:a:thekelleys:dnsmasq:1.18:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.0:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.1:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.2:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.3:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.4:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.5:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.6:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.7:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.8:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.9:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.10:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.11:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.12:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.13:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.14:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.15:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.16:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.17:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.18:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.19:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.20:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.21:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.22:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.23:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.24:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.25:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.26:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.27:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.28:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.29:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.30:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.31:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.33:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.34:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.35:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.36:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.37:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.38:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.39:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.40:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.41:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.42:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.43:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.44:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.45:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.46:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.47:::::::*
cpe:2.3:a:thekelleys:dnsmasq:2.48:::::::*
cpe:2.3:a:thekelleys:dnsmasq::::::::		2.49

No	URL	refsource
1	http://secunia.com/advisories/36563	SECUNIA
2	http://www.coresecurity.com/content/dnsmasq-vulnerabilities	MISC
3	http://www.redhat.com/support/errata/RHSA-2009-1238.html	REDHAT
4	http://www.securityfocus.com/bid/36120	BID
5	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG	CONFIRM
6	http://www.ubuntu.com/usn/USN-827-1	UBUNTU
7	https://bugzilla.redhat.com/show_bug.cgi?id=519020	CONFIRM
8	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9816	OVAL
9	https://rhn.redhat.com/errata/RHSA-2010-0095.html	REDHAT