10-06-2017 02:31 AM
Google security team has posted a blog entry regarding some vulnerabilities on dnsmasq (https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html).
I think Aruba uses Dnsmasq for dhcp stuff but i cant find yet anything regarding this CVE´s.
So is there any information as to Aruba's (possible) exposure to this?
Solved! Go to Solution.
10-06-2017 09:04 AM
Yes, we do use dnsmasq in certain configurations. At this point we are investigating what the impact is, if any. I expect to have an advisory published next week on it.
At this point, assuming there is an impact, I believe it's mostly likely a denial-of-service risk in the near term.
Jon Green, ACMX, CISSP