This security update doesn't replace any previously released. dnsmasq wurde auf v2. For deployment information about this update, see security update deployment information: September 12, 2017. More Information Security update deployment information. To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer. Download the security update KB3213551 for the 64-bit version of Office 2016. The issue was fixed in DnsMasq software version 2.78, released in October 2017. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Cisco has released firmware updates that address this vulnerability. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device - your device login/password combination, your Wi-Fi password, and your configuration data.Īny device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise. An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability.
Reference: CVE-2017-14491 | Google Security Blog Reference: CVE-2017-14491 Google Security Blog Description: The affected devices DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. We have identified the following problem with your router or Wi-Fi hotspot device:ĭnsMasq heap buffer overflow vulnerability