CVE-2017-15107

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be…

redhat·CWE-358·Published 2018-01-23

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

221 chars

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

NVDen

221 chars

NVDes

272 chars

Se ha descubierto una vulnerabilidad en la implementación de DNSSEC en Dnsmasq hasta la versión 2.78, también incluida. Los registros NSEC sintetizados con caracteres comodín podrían interpretarse erróneamente para probar la falta de nombres de host que existen de verdad.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N