dnsmasq security issue with TFTP

Hi there,

dnsmasq has a security issue with TFTP:
"
>Subject: [Dnsmasq-discuss] Announce: dnsmasq-2.50
>From: Simon Kelley <simon.DeleteThis@thekelleys.org.uk>
>Date: Mon, 31 Aug 2009 18:01:14 +0100
>
>This is a security update to 2.49 only.
>
>The CHANGELOG:
>
>version 2.50
> Fix security problem which allowed any host permitted to
> do TFTP to possibly compromise dnsmasq by remote buffer
> overflow when TFTP enabled. Thanks to Core Security
> Technologies and Iván Arce, Pablo Hernán Jorge, Alejandro
> Pablo Rodriguez, Martín Coco, Alberto Soliño Testa and
> Pablo Annetta. This problem has Bugtraq id: 36121
> and CVE: 2009-2957
>
> Fix a problem which allowed a malicious TFTP client to
> crash dnsmasq. Thanks to Steve Grubb at Red Hat for
> spotting this. This problem has Bugtraq id: 36120 and
> CVE: 2009-2958
"
Grant.
--
http://bugsplatter.id.au

On Tue, 01 Sep 2009 10:35:14 +1000, Grant <g_r_a_n_t_.RemoveThis@bugsplatter.id.au> wrote:

>Hi there,
>
>dnsmasq has a security issue with TFTP:
>"
>>Subject: [Dnsmasq-discuss] Announce: dnsmasq-2.50
>>From: Simon Kelley <simon.RemoveThis@thekelleys.org.uk>
>>Date: Mon, 31 Aug 2009 18:01:14 +0100
>>
>>This is a security update to 2.49 only.
>>
>>The CHANGELOG:
>>
>>version 2.50
>> Fix security problem which allowed any host permitted to
>> do TFTP to possibly compromise dnsmasq by remote buffer
>> overflow when TFTP enabled. Thanks to Core Security
>> Technologies and Iván Arce, Pablo Hernán Jorge, Alejandro
>> Pablo Rodriguez, Martín Coco, Alberto Soliño Testa and
>> Pablo Annetta. This problem has Bugtraq id: 36121
>> and CVE: 2009-2957
>>
>> Fix a problem which allowed a malicious TFTP client to
>> crash dnsmasq. Thanks to Steve Grubb at Red Hat for
>> spotting this. This problem has Bugtraq id: 36120 and
>> CVE: 2009-2958
>"

Oops: http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.50.tar.gz

>Grant.