oss-sec mailing list archives
CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 09 Jul 2012 14:04:35 +0200
Hello Kurt, Steve, vendors, David Woodhouse reported a deficiency in the way dnsmasq, a lightweight, easy to configure DNS forwarder and DHCP server, when being run under libvirt, a library providing simple virtualization API, performed processing of packets coming outside of virtual network set for the particular guest domain. When libvirt was configured to provide a range of public IP addresses to its guest domains and dnsmasq was instructed to discard packets originating from other interfaces, than specified on the command line via the --bind-interface option, those packets (coming from 'prohibited' interfaces) were not dropped properly and subsequently processed. A remote attacker could use this flaw to cause a distributed denial of service, as demonstrated in the report [1] via "stream of spoofed DNS queries producing large results". References: [1] https://bugzilla.redhat.com/show_bug.cgi?id=833033 Could you allocate a CVE id for this? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created Jan Lieskovsky (Jul 09)