Researchers at JSOF have disclosed seven vulnerabilities in Dnsmasq, the widely used DNS forwarding client. The vulnerabilities fall into two classes: DNS cache poisoning, and buffer overflows that could allow remote code execution. The cache poisoning attacks work by reducing the randomness of the TXID (Transaction ID) and source port. They also require the attacker either to spoof their IP address or to attempt exploitation from the browser by taking advantage of outstanding DNS requests in Firefox-like browsers. The second class consists of heap-based buffer overflows that could potentially allow remote code execution if Dnsmasq is configured to use DNSSEC. Dnsmasq versions 2.78 to 2.82 are affected.
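A triage check for the two conditions named above (the affected version range and DNSSEC use), as an added example that is not code from JSOF or the Dnsmasq project. The banner and config text are constructed samples and the function names are hypothetical; it assumes DNSSEC is turned on by a `dnssec` line in the supplied config text, not on the command line or in an included file.

```python
import re

# Affected range as stated in the summary above (inclusive).
AFFECTED_MIN, AFFECTED_MAX = (2, 78), (2, 82)

# Constructed sample of `dnsmasq --version` output and of a config file.
SAMPLE_BANNER = (
    "Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley\n"
    "Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 "
    "no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfile\n"
)
SAMPLE_CONF = "server=192.0.2.53\ncache-size=1000\ndnssec  # validate answers\n"

def parse_version(banner):
    """Extract (major, minor) from the version banner."""
    m = re.search(r"Dnsmasq version (\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("no Dnsmasq version string found")
    return int(m.group(1)), int(m.group(2))

def dnssec_compiled_in(banner):
    """The compile-time options line lists either DNSSEC or no-DNSSEC."""
    opts = re.search(r"Compile time options:(.*)", banner)
    return bool(opts) and "DNSSEC" in opts.group(1).split()

def dnssec_enabled(conf_text):
    """True if an uncommented `dnssec` directive appears in the config text."""
    for line in conf_text.splitlines():
        if line.split("#", 1)[0].strip() == "dnssec":
            return True
    return False

def triage(banner, conf_text):
    """Map a host's banner and config onto the two vulnerability classes."""
    version = parse_version(banner)
    in_range = AFFECTED_MIN <= version <= AFFECTED_MAX
    dnssec = dnssec_compiled_in(banner) and dnssec_enabled(conf_text)
    return {
        "version": "%d.%d" % version,
        "cache_poisoning_class": in_range,
        # The overflow class is only reachable when DNSSEC is in use.
        "buffer_overflow_class": in_range and dnssec,
    }

if __name__ == "__main__":
    print(triage(SAMPLE_BANNER, SAMPLE_CONF))
```

A distribution package may carry backported fixes without changing the upstream version number, so an in-range result is a prompt to check the vendor's advisory rather than proof of exposure.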