Main Vulnerability Database Vulnerabilities #VU110638

Origin validation error in Dnsmasq - CVE-2005-0877

Published: February 8, 2024 / Updated: June 8, 2025

Vulnerability identifier: #VU110638

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2005-0877

CWE-ID: CWE-346

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Dnsmasq

Software vendor:
GNU

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.

Install update from vendor's website.