Wireless Access

last person joined: 13 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Dnsmasq vulnerabilities (DNS and DHCP)

This thread has been viewed 0 times

  • 1.  Dnsmasq vulnerabilities (DNS and DHCP)

    Posted Oct 06, 2017 05:32 AM

    Google security team has posted a blog entry regarding some vulnerabilities on dnsmasq (https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html).

    I think Aruba uses Dnsmasq for dhcp stuff but i cant find yet anything regarding this CVE´s.

    So is there any information as to Aruba's (possible) exposure to this?



  • 2.  RE: Dnsmasq vulnerabilities (DNS and DHCP)
    Best Answer

    EMPLOYEE
    Posted Oct 06, 2017 12:05 PM

    Yes, we do use dnsmasq in certain configurations.  At this point we are investigating what the impact is, if any.  I expect to have an advisory published next week on it.

     

    At this point, assuming there is an impact, I believe it's mostly likely a denial-of-service risk in the near term.



  • 3.  RE: Dnsmasq vulnerabilities (DNS and DHCP)

    Posted Oct 06, 2017 12:10 PM
    Ok thanx for the reply, will wait for the report .