Dnsmasq is a generally used lightweight web purpose tool designed to provide DNS (Domain Name System) forwarder, DHCP (Dynamic Host Configuration Protocol) server, router ads and network boot services for small networks.
Dnsmasq comes pre-installed on many designs and cutting rules, including Linux partitions such as Ubuntu and Debian, home routers, smartphones and Internet of Things (IoT) devices. A shodan scan for “Dnsmasq” reveals around 1.1 million instances worl
Newly, Google’s security team studied Dnsmasq and found seven security issues, including DNS-related remote code execution, information disclosure, and denial-of-service (DoS) issues that can be triggered via DNS or DHCP.
“We discovered seven distinct issues (listed below) over the course of our regular internal security assessments,” Google’s security team wrote in a blog post published on Monday.
“Once we determined the severity of these issues, we worked to investigate their impact and exploitability and then produced internal proofs of concept for each of them. We also worked with the maintainer of Dnsmasq, Simon Kelley, to produce appropriate patches and mitigate the issue.”
After the vulnerabilities have now been patched by Dnsmasq developer and maintainer Simon Kelley, Google researchers have issued details and proof-of-concept (PoC) exploit code for each of the vulnerabilities.
Out of seven vulnerabilities identified by the team, three can be exploited to give remote code execution, three can be used in denial of service attacks, and one information leakage flaw