Executive Summary



This alert is flagged as belonging to the CWE/SANS Top 25 Common Weakness Enumeration list.
Information
Name : CVE-2018-5733 - First vendor Publication : 2019-01-16
Vendor : Cve - Last vendor Modification : 2019-10-09

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score : 5 - Attack Range : Network
Cvss Impact Score : 2.9 - Attack Complexity : Low
Cvss Exploit Score : 10 - Authentication : None Required

Detail

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733

CWE : Common Weakness Enumeration

% : 100 % - Id : CWE-190 - Name : Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

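Type : Application - Count : 89
Type : Os - Count : 3
Type : Os - Count : 3
Type : Os - Count : 2
Type : Os - Count : 2
Type : Os - Count : 2
Type : Os - Count : 3
Type : Os - Count : 2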

Nessus® Vulnerability Scanner

Date - Description
2018-09-18 - Name : The remote EulerOS Virtualization host is missing multiple security updates.
File : EulerOS_SA-2018-1250.nasl - Type : ACT_GATHER_INFO
2018-05-02 - Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1072.nasl - Type : ACT_GATHER_INFO
2018-05-02 - Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1073.nasl - Type : ACT_GATHER_INFO
2018-04-18 - Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-984.nasl - Type : ACT_GATHER_INFO
2018-04-10 - Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201804-05.nasl - Type : ACT_GATHER_INFO
2018-04-06 - Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-984.nasl - Type : ACT_GATHER_INFO
2018-03-23 - Name : The remote Debian host is missing a security update.
File : debian_DLA-1313.nasl - Type : ACT_GATHER_INFO
2018-03-15 - Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-0483.nasl - Type : ACT_GATHER_INFO
2018-03-12 - Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-0469.nasl - Type : ACT_GATHER_INFO
2018-03-08 - Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4133.nasl - Type : ACT_GATHER_INFO
2018-03-08 - Name : The DHCP server installed on the remote Linux host is affected by a buffer ov...
File : isc_dhcp_AA-01565_AA-01567.nasl - Type : ACT_GATHER_INFO
2018-03-06 - Name : The remote Fedora host is missing a security update.
File : fedora_2018-5051dbd15e.nasl - Type : ACT_GATHER_INFO
2018-03-05 - Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2040c7f51e3a11e88ae90050569f0b83.nasl - Type : ACT_GATHER_INFO
2018-03-02 - Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-060-01.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source - Url
BID : http://www.securityfocus.com/bid/103188
CONFIRM : https://kb.isc.org/docs/aa-01567
DEBIAN : https://www.debian.org/security/2018/dsa-4133
MLIST : https://lists.debian.org/debian-lts-announce/2018/03/msg00015.html
REDHAT : https://access.redhat.com/errata/RHSA-2018:0469
REDHAT : https://access.redhat.com/errata/RHSA-2018:0483
SECTRACK : http://www.securitytracker.com/id/1040437
UBUNTU : https://usn.ubuntu.com/3586-1/
UBUNTU : https://usn.ubuntu.com/3586-2/

Alert History

Date - Information
2019-10-10 05:20:42
  • Multiple Updates
2019-01-17 17:18:57
  • Multiple Updates
2019-01-17 00:19:24
  • First insertion