CVE: CVE-2005-0877

Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00053
Percentile: 0.16626

CVSS Scoring

CVSS v3.1 Score: 7.5

Severity: HIGH

Mapped CWE(s)

CWE-346 : Origin Validation Error

All CAPEC(s)

CAPEC-111: JSON Hijacking (aka JavaScript Hijacking)
CAPEC-141: Cache Poisoning
CAPEC-142: DNS Cache Poisoning
CAPEC-160: Exploit Script-Based APIs
CAPEC-21: Exploitation of Trusted Identifiers
CAPEC-384: Application API Message Manipulation via Man-in-the-Middle
CAPEC-385: Transaction or Event Tampering via Application API Manipulation
CAPEC-386: Application API Navigation Remapping
CAPEC-387: Navigation Remapping To Propagate Malicious Content
CAPEC-388: Application API Button Hijacking
CAPEC-510: SaaS User Request Forgery
CAPEC-59: Session Credential Falsification through Prediction
CAPEC-60: Reusing Session IDs (aka Session Replay)
CAPEC-75: Manipulating Writeable Configuration Files
CAPEC-76: Manipulating Web Input to File System Calls
CAPEC-89: Pharming

CAPEC(s) with Mapped TTPs

CAPEC-141: Cache Poisoning
Mapped TTPs:
- T1557.002 : ARP Cache Poisoning
CAPEC-142: DNS Cache Poisoning
Mapped TTPs:
- T1584.002 : DNS Server
CAPEC-21: Exploitation of Trusted Identifiers
Mapped TTPs:
- T1134 : Access Token Manipulation
- T1528 : Steal Application Access Token
- T1539 : Steal Web Session Cookie
CAPEC-60: Reusing Session IDs (aka Session Replay)
Mapped TTPs:
- T1134.001 : Token Impersonation/Theft
- T1550.004 : Web Session Cookie

Mapped ATT&CK TTPs

T1557.002 : ARP Cache Poisoning
Kill Chain: credential-access
T1584.002 : DNS Server
Kill Chain: resource-development
T1134 : Access Token Manipulation
Kill Chain: defense-evasion
T1528 : Steal Application Access Token
Kill Chain: credential-access
T1539 : Steal Web Session Cookie
Kill Chain: credential-access
T1134.001 : Token Impersonation/Theft
Kill Chain: defense-evasion
T1550.004 : Web Session Cookie
Kill Chain: defense-evasion

Malware

APTs Threat Group Associations

Campaigns

SolarWinds Compromise
Leviathan Australian Intrusions
HomeLand Justice
C0017

Affected Products

cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*

← Back to Home