CVE-2017-14494 – Thekelleys / Dnsmasq – Information disclosure
CVE-2017-14494 is an information disclosure vulnerability impacting Thekelleys Dnsmasq versions 2.77 and earlier. An exploit was observed in open source and subsequently shared in the underground.
Summary:
CVE-2017-14494 is an information disclosure vulnerability impacting Thekelleys Dnsmasq versions 2.77 and earlier. An exploit was observed in open source and subsequently shared in the underground.
PoC Links(if available):
GitHub commit exploit –
https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/CVE-2017-14494.py
Known Counter Measures:
Thekelleys addressed the vulnerability in Dnsmasq version 2.78.
Links to patches(if available)
https://thekelleys.org.uk/dnsmasq/
