Dnsmasq: A Reality Check and Remediation Practices

Published on: October 9, 2017

TL;DR: Many vulnerabilities in one shot, yet several pre-conditions for a target to be actually exploitable. Here’s simple flowchart to check whether your Dnsmasq deployments are vulnerable.

Dnsmasq is the de-facto tool to implement DNS and DHCP services in small servers and embedded devices. Being Dnsmasq user, when Google Security researchers disclosed the CVE-2017-14491 to 14496 series, I quickly checked whether my installation was vulnerable.

Turned out that, despite I found a vast amount of devices running a vulnerable version of Dnsmasq, the chain of pre-conditions for these vulnerabilities to be exploitable are not super trivial. So I decided to write them down in a flowchart.

You can read the full blog post here!

#trendmicro #measurement #vulnerability