公告ID: KYLIN-2020-14312
安全等级: 中等
产品: Kylin V3
发布日期: 2020年6月30日
CVE: CVE-2020-14312
CVSS3评分: 4.0
概述:
Even though Red Hat Enterprise Linux 8 and Fedora do not ship a secure default, they have firewalld service enabled by default, which denies incoming DNS queries, preventing this potential attack vector. 描述:
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora and Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
dnsmasq
dnsmasq
dnsmasq
dnsmasq