CVE-2017-14491

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 4, 2017

Updated: Jan 14, 2025

CWE ID 787

Summary

CVE-2017-14491 is a heap-based buffer overflow vulnerability affecting dnsmasq versions prior to 2.78. An attacker can exploit this issue by sending a specially crafted DNS response, leading to a denial of service (crash) or the execution of arbitrary code. This vulnerability poses a significant risk as dnsmasq is widely used for DNS forwarding and caching in various network environments. Successful exploitation could result in unauthorized access, data theft, or system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

dnsmasq
Arubanetworks Arubaos
Arista EOS
NVIDIA GeForce Experience
Debian

Affected Vendors

The Kelleys
Debian
Red Hat
SUSE Linux GmbH
Siemens AG

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Know What Matters

For Customers

For Partners