Google found 7 security bugs on the famous network software Dnsmasq
Security researchers have found seven security holes on the Dnsmasq network service software, three of which allow remote code execution and hijack computers.
Security researchers have found seven security holes on the Dnsmasq network service software, three of which allow remote code execution and hijack computers.
Dnsmasq is a small network tool used by many users, providing a DNS Forwarder, DHCP server (Dynamic Host Configuration Protocol), Route Ads and a network restart service for Small network.
Dnsmasq is preinstalled on many devices and OS, including Linux kernels like Ubuntu and Debian, routers, mobile phones, and IoT devices. Shodan testing with Dnsmasq shows that about 1.1 million devices in the world are installing Dnsmasq.
Currently, Google's research team has discovered seven security flaws, including DNS-related errors for remote code execution, information leakage and service rejection errors via DNS or DHCP.
Security vulnerability on Dnsmasq network service software
In 7 errors, 3 errors can execute remote code, 3 errors to deny service and 1 error can steal information.
All errors have been patched in Dnsmasq 2.78, users should update as quickly as possible. Because the vulnerability has been fixed, Google researchers detailed the PoC code for each vulnerability.
Google has updated the affected services and released security updates for Android partners during the October security update. Other affected Google services have also been updated.
You should read it
- Detecting new malware on WinRAR can infiltrate computers and steal data
- Top 5 most dangerous remote execution vulnerabilities in early 2020, some even automatically infect other computers without users knowing.
- Detecting vulnerabilities in BitTorrent applications allows hackers to control user computers
- ProFTPD remote code execution vulnerability affects more than 1 million servers worldwide
- Dell computers became victims of RCE attacks by vulnerabilities in SupportAssist
- Samba vulnerabilities allow hackers to invade thousands of remote Linux computers
- IBM developed a new technology to patch security holes
- The world is at risk of virtual war
- Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
- The basic steps in dealing with network security issues that you need to understand
- Introduction to Network Access Protection (Part 1)
- Add 2 malicious samples to attack the Mac
Maybe you are interested
How to change RDP port on Windows 11 The security risks of RDP iOS 14.4 patch 3 dangerous security bugs, Apple recommends iPhone users should update immediately The difference between Remote Desktop (RDP) and VPN Edison Mail on iOS has a vulnerability that gives strangers full control over email Temporarily suspend MWC 2020 indefinitely due to the complicated development of the Covid-19 pneumonia epidemic