Am 08.10.18 um 03:58 schrieb Mouath Ibrahim:
> Hello,
> I ran the PoC supplied by Google research team found here:
> google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/
> and noticed immediately that dnsmasq process uses up 100% CPU usage and stops 
> responding to queries short after based on the original CVE the effect was 
> high memory usage but in this cause it was not.
> note dnsmasq didn't have any of these options set "--add-mac, --add-cpe-id or 
> --add-subnet".

Can't reproduce on 2.79 with add-subnet=24,96 in the conf file. While
the attack is ongoing, dnsmasq is slow to respond (seconds), but returns
to normal once I terminate the .py script. I don't see a denial of service.

Dnsmasq-discuss mailing list

Reply via email to