Dnsmasq and CVE-2017-1449*: A Reality Check and Remediation Practices

Many vulnerabilities in one shot, yet several pre-conditions for a target to be actually exploitable. Here’s a simple flowchart to check whether your Dnsmasq deployments are vulnerable.

Dnsmasq is the de facto tool to implement DNS and DHCP services in small servers and embedded devices. Being a Dnsmasq user, when Google Security researchers disclosed the CVE-2017-14491 to 14496 series, I quickly checked whether my installation was vulnerable.

It turned out that, although I found a vast number of devices running a vulnerable version of Dnsmasq, the chain of pre-conditions for these vulnerabilities to be exploitable is not super trivial. So I decided to write them down in a flowchart.

You can read the full blog post here!
