FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-2957

This CVE name corresponds to:

Entered Topic
2009-09-02 dnsmasq -- TFTP server remote code injection vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2009-2957
Phase Assigned(20090824)

Description

Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.

References

Source Reference
MISC http://www.coresecurity.com/content/dnsmasq-vulnerabilities
CONFIRM http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=519020
REDHAT RHSA-2010:0095
REDHAT RHSA-2009:1238
UBUNTU USN-827-1
BID 36121
OVAL oval:org.mitre.oval:def:10538
SECUNIA 36563