CVE-2017-15107

Source
Severity Medium
Remote Yes
Type Insufficient validation
Description
A vulnerability was found in Dnsmasq's implementation of DNSSEC before 2.79. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
Group Package Affected Fixed Severity Status Ticket
AVG-592 dnsmasq 2.78-1 2.78-2 Medium Fixed
Date Advisory Group Package Severity Description
30 Jan 2018 ASA-201801-32 AVG-592 dnsmasq Medium insufficient validation
References
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=4fe6744a220eddd3f1749b40cac3dfc510787de6
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q1/011896.html
Notes
Requires DNSSEC support to be vulnerable