Executive Summary

Summary
Title: isc-dhcp security update

Information
Name: DSA-2184
First vendor publication: 2011-03-05
Vendor: Debian
Last vendor modification: 2011-03-05
Severity (Vendor): N/A
Revision: 1

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Environmental score: NA
Impact subscore: NA
Temporal score: NA
Exploitability subscore: NA
 

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS base score: 7.8
CVSS impact score: 6.9
CVSS exploit score: 10
Attack range: Network
Attack complexity: Low
Authentication: None Required

Detail

It was discovered that the ISC DHCPv6 server does not correctly process requests which come from unexpected source addresses, leading to an assertion failure and a daemon crash.

The oldstable distribution (lenny) is not affected by this problem.

For the stable distribution (squeeze), this problem has been fixed in version 4.1.1-P1-15+squeeze1.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 4.1.1-P1-16.

We recommend that you upgrade your isc-dhcp packages.

Original Source

Url : http://www.debian.org/security/2011/dsa-2184

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Oval ID: oval:org.mitre.oval:def:12965
Title: DSA-2184-1 isc-dhcp -- denial of service
Description: It was discovered that the ISC DHCPv6 server does not correctly process requests which come from unexpected source addresses, leading to an assertion failure and a daemon crash. The oldstable distribution is not affected by this problem.
Family: unix
Class: patch
Reference(s): DSA-2184-1, CVE-2011-0413
Version: 5
Platform(s): Debian GNU/Linux 6.0, Debian GNU/kFreeBSD 6.0
Product(s): isc-dhcp

Oval ID: oval:org.mitre.oval:def:21503
Title: RHSA-2011:0256: dhcp security update (Moderate)
Description: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
Family: unix
Class: patch
Reference(s): RHSA-2011:0256-01, CVE-2011-0413
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): dhcp

Oval ID: oval:org.mitre.oval:def:23094
Title: ELSA-2011:0256: dhcp security update (Moderate)
Description: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
Family: unix
Class: patch
Reference(s): ELSA-2011:0256-01, CVE-2011-0413
Version: 6
Platform(s): Oracle Linux 6
Product(s): dhcp

Oval ID: oval:org.mitre.oval:def:28156
Title: DEPRECATED: ELSA-2011-0256 -- dhcp security update (moderate)
Description: [12:4.1.1-12.P1.2] - CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672994)
Family: unix
Class: patch
Reference(s): ELSA-2011-0256, CVE-2011-0413
Version: 4
Platform(s): Oracle Linux 6
Product(s): dhcp

CPE : Common Platform Enumeration

Type Description Count
Application 29

OpenVAS Exploits

Date Description
2012-06-05 Name : RedHat Update for dhcp RHSA-2011:0256-01
File : nvt/gb_RHSA-2011_0256-01_dhcp.nasl
2011-09-12 Name : Fedora Update for dhcp FEDORA-2011-10705
File : nvt/gb_fedora_2011_10705_dhcp_fc14.nasl
2011-04-21 Name : Fedora Update for dhcp FEDORA-2011-0848
File : nvt/gb_fedora_2011_0848_dhcp_fc13.nasl
2011-04-19 Name : Fedora Update for dhcp FEDORA-2011-4897
File : nvt/gb_fedora_2011_4897_dhcp_fc14.nasl
2011-03-09 Name : Debian Security Advisory DSA 2184-1 (isc-dhcp)
File : nvt/deb_2184_1.nasl
2011-03-05 Name : FreeBSD Ports: isc-dhcp41-server
File : nvt/freebsd_isc-dhcp41-server0.nasl
2011-02-11 Name : Mandriva Update for dhcp MDVSA-2011:022 (dhcp)
File : nvt/gb_mandriva_MDVSA_2011_022.nasl
2011-02-04 Name : Fedora Update for dhcp FEDORA-2011-0862
File : nvt/gb_fedora_2011_0862_dhcp_fc14.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70680 ISC DHCP DHCPv6 Message Declined Address Remote DoS

ISC DHCP contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs while processing a previously declined address's DHCPv6 messages, which may be exploited to cause an assertion failure denial of service.

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_dhcp-110203.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0256.nasl - Type : ACT_GATHER_INFO
2011-04-19 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0848.nasl - Type : ACT_GATHER_INFO
2011-03-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2184.nasl - Type : ACT_GATHER_INFO
2011-02-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0256.nasl - Type : ACT_GATHER_INFO
2011-02-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-022.nasl - Type : ACT_GATHER_INFO
2011-02-02 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0862.nasl - Type : ACT_GATHER_INFO
2011-01-31 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_dc9f83352b3b11e0a91b00e0815b8da8.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:29:57 Multiple Updates