In association with heise online

01 September 2009, 09:46

Vulnerabilities in DNS Proxy Dnsmasq

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The release of version 2.50 of the lightweight DNS proxy, Dnsmasq, closes two vulnerabilities which could allow an attacker to inject and execute arbitrary code on systems or routers running the service or stage a denial of service. Dnsmasq is used on routers running the router distributions OpenWRT or DD-WRT as it is ideal for providing DNS services for small networks.

However, the holes only occur in an unusual configuration. The administrator has to enable the TFTP service, explicitly using the --enable-tfp switch. By default, this service is not enabled on OpenWRT or DD-WRT routers.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit