FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-18 00:09:58 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
5b72b1ff-877c-11eb-bd4f-2f1d57dafe46	dnsmasq -- cache poisoning vulnerability in certain configurations Simon Kelley reports: [In configurations where the forwarding server address contains an @ character for specifying a sending interface or source address, the] random source port behavior was disabled, making cache poisoning attacks possible. This only affects configurations of the form server=1.1.1.1@em0 or server=1.1.1.1@192.0.2.1, i. e. those that specify an interface to send through, or an IP address to send from, or use together with NetworkManager. Discovery 2021-03-17 Entry 2021-03-18 dnsmasq < 2.85.r1,1 dnsmasq-devel < 2.85.r1,3 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014835.html CVE-2021-3448

VuXML ID

Description

5b72b1ff-877c-11eb-bd4f-2f1d57dafe46

dnsmasq -- cache poisoning vulnerability in certain configurations

Simon Kelley reports:

[In configurations where the forwarding server address contains an @ character for specifying a sending interface or source address, the] random source port behavior was disabled, making cache poisoning attacks possible.

This only affects configurations of the form server=1.1.1.1@em0 or server=1.1.1.1@192.0.2.1, i. e. those that specify an interface to send through, or an IP address to send from, or use together with NetworkManager.

Discovery 2021-03-17
Entry 2021-03-18
dnsmasq

< 2.85.r1,1

dnsmasq-devel

< 2.85.r1,3

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q1/014835.html
CVE-2021-3448