7.1 - DSA-2551

Executive Summary

Summary
Title	isc-dhcp security update

Informations
Name	DSA-2551	First vendor Publication	2012-09-23
Vendor	Debian	Last vendor Modification	2012-09-23
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Cvss Base Score	7.1	Attack Range	Network
Cvss Impact Score	6.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Glen Eustace discovered that the ISC DHCP server, a server for automatic IP address assignment, is not properly handling changes in the expiration times of a lease. An attacker may use this flaw to crash the service and cause denial of service conditions, by reducing the expiration time of an active IPv6 lease.

For the stable distribution (squeeze), this problem has been fixed in version 4.1.1-P1-15+squeeze8.

For the testing distribution (wheezy), this problem has will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 4.2.4-2.

We recommend that you upgrade your isc-dhcp packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2551

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18093

Oval ID:	oval:org.mitre.oval:def:18093
Title:	USN-1571-1 -- dhcp3, isc-dhcp vulnerability
Description:	DHCP could be made to crash if it received specially crafted network traffic.
Family:	unix	Class:	patch
Reference(s):	USN-1571-1 CVE-2012-3955	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04	Product(s):	isc-dhcp dhcp3
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section isc-dhcp-client DPKG is earlier than 4.1.ESV-R4-0ubuntu5.5 AND isc-dhcp-server DPKG is earlier than 4.1.ESV-R4-0ubuntu5.5 AND Release section Ubuntu 11.10 is installed Packages match section isc-dhcp-client DPKG is earlier than 4.1.1-P1-17ubuntu10.5 AND isc-dhcp-server DPKG is earlier than 4.1.1-P1-17ubuntu10.5 AND Release section Ubuntu 11.04 is installed Packages match section isc-dhcp-client DPKG is earlier than 4.1.1-P1-15ubuntu9.6 AND isc-dhcp-server DPKG is earlier than 4.1.1-P1-15ubuntu9.6 AND Release section Ubuntu 10.04 is installed Packages match section dhcp3-client DPKG is earlier than 3.1.3-2ubuntu3.4 AND dhcp3-server DPKG is earlier than 3.1.3-2ubuntu3.4

Definition Id: oval:org.mitre.oval:def:18509

Oval ID:	oval:org.mitre.oval:def:18509
Title:	DSA-2551-1 isc-dhcp - denial of service
Description:	Glen Eustace discovered that the ISC DHCP server, a server for automatic IP address assignment, is not properly handling changes in the expiration times of a lease. An attacker may use this flaw to crash the service and cause denial of service conditions, by reducing the expiration time of an active IPv6 lease.
Family:	unix	Class:	patch
Reference(s):	DSA-2551-1 CVE-2012-3955	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	isc-dhcp
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND isc-dhcp DPKG is earlier than 4.1.1-P1-15+squeeze8

Definition Id: oval:org.mitre.oval:def:20885

Oval ID:	oval:org.mitre.oval:def:20885
Title:	RHSA-2013:0504: dhcp security and bug fix update (Low)
Description:	ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0504-02 CESA-2013:0504 CVE-2012-3955	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	dhcp
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section dhclient is earlier than 12:4.1.1-34.P1.el6 AND dhcp-devel is earlier than 12:4.1.1-34.P1.el6 AND dhcp is earlier than 12:4.1.1-34.P1.el6 AND dhcp-common is earlier than 12:4.1.1-34.P1.el6

Definition Id: oval:org.mitre.oval:def:23290

Oval ID:	oval:org.mitre.oval:def:23290
Title:	ELSA-2013:0504: dhcp security and bug fix update (Low)
Description:	ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0504-02 CVE-2012-3955	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	dhcp
Definition Synopsis:
Oracle Linux 6.x rpm test dhclient is earlier than 12:4.1.1-34.P1.el6 AND dhcp-devel is earlier than 12:4.1.1-34.P1.el6 AND dhcp is earlier than 12:4.1.1-34.P1.el6 AND dhcp-common is earlier than 12:4.1.1-34.P1.el6

Definition Id: oval:org.mitre.oval:def:27444

Oval ID:	oval:org.mitre.oval:def:27444
Title:	DEPRECATED: ELSA-2013-0504 -- dhcp security and bug fix update (low)
Description:	[12:4.1.1-34.P1.0.1.el6] - Added oracle-errwarn-message.patch [12:4.1.1-34.P1] - Reducing the expiration time for an IPv6 lease may cause the server to crash (CVE-2012-3955, #858130) [12:4.1.1-33.P1] - Use getifaddrs() for interface discovery code on Linux (#803540) - dhclient-script: do not backup&restore /etc/resolv.conf (#824622) [12:4.1.1-32.P1] - An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. (CVE-2012-3571, #843122) - Memory Leaks Found In ISC DHCP (CVE-2012-3954, #843122)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0504 CVE-2012-3955	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	dhcp
Definition Synopsis:
Oracle Linux 6.x Packages match section dhcp is earlier than 0:4.1.1-34.P1.0.1.el6 AND dhclient is earlier than 0:4.1.1-34.P1.0.1.el6 AND dhcp-common is earlier than 0:4.1.1-34.P1.0.1.el6 AND dhcp-devel is earlier than 0:4.1.1-34.P1.0.1.el6

CPE : Common Platform Enumeration

Type	Description	Count
Application	Isc Dhcp cpe:2.3:a:isc:dhcp:4.1.2:rc1:::::: cpe:2.3:a:isc:dhcp:4.1.2:p1:::::: cpe:2.3:a:isc:dhcp:4.1.2:b1:::::: cpe:2.3:a:isc:dhcp:4.1.2:-:::::: cpe:2.3:a:isc:dhcp:4.1.1:b1:::::: cpe:2.3:a:isc:dhcp:4.1.1:b2:::::: cpe:2.3:a:isc:dhcp:4.1.1:-:::::: cpe:2.3:a:isc:dhcp:4.1.1:rc1:::::: cpe:2.3:a:isc:dhcp:4.1.1:b3:::::: cpe:2.3:a:isc:dhcp:4.1.0:a1:::::: cpe:2.3:a:isc:dhcp:4.1.0:a2:::::: cpe:2.3:a:isc:dhcp:4.1.0:-:::::: cpe:2.3:a:isc:dhcp:4.1.0:b1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r3:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r6:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r4:::::: cpe:2.3:a:isc:dhcp:4.1-esv:rc1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r2:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:-::::::	25
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:11.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::	4
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:debian:debian_linux:6.0:::::::*	2

OpenVAS Exploits

Date	Description
2012-10-23	Name : Fedora Update for dhcp FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_dhcp_fc17.nasl
2012-10-23	Name : Fedora Update for dhcp FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_dhcp_fc16.nasl
2012-10-03	Name : Fedora Update for dhcp FEDORA-2012-14076 File : nvt/gb_fedora_2012_14076_dhcp_fc16.nasl
2012-10-03	Name : Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp) File : nvt/gb_mandriva_MDVSA_2012_153_1.nasl
2012-09-27	Name : Fedora Update for dhcp FEDORA-2012-14149 File : nvt/gb_fedora_2012_14149_dhcp_fc17.nasl
2012-09-26	Name : Debian Security Advisory DSA 2551-1 (isc-dhcp) File : nvt/deb_2551_1.nasl
2012-09-22	Name : Ubuntu Update for isc-dhcp USN-1571-1 File : nvt/gb_ubuntu_USN_1571_1.nasl
2012-09-15	Name : Slackware Advisory SSA:2012-258-01 dhcp File : nvt/esoft_slk_ssa_2012_258_01.nasl

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-09-20	IAVM : 2012-B-0092 - ISC DHCP Denial of Service Vulnerability Severity : Category I - VMSKEY : V0033809

Nessus® Vulnerability Scanner

Date	Description
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_isc-dhcp_20130129.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0579.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-643.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-642.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-629.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-157.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0504.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0504.nasl - Type : ACT_GATHER_INFO
2013-03-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_dhcp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0504.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_dhcp-120917.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-06.nasl - Type : ACT_GATHER_INFO
2012-10-03	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-153.nasl - Type : ACT_GATHER_INFO
2012-10-03	Name : The remote Fedora host is missing a security update. File : fedora_2012-14076.nasl - Type : ACT_GATHER_INFO
2012-09-27	Name : The remote Fedora host is missing a security update. File : fedora_2012-14149.nasl - Type : ACT_GATHER_INFO
2012-09-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2551.nasl - Type : ACT_GATHER_INFO
2012-09-18	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1571-1.nasl - Type : ACT_GATHER_INFO
2012-09-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-13910.nasl - Type : ACT_GATHER_INFO
2012-09-15	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-258-01.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:31:22	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	5
CPE ID(s)	31
Openvas Exploit(s)	8
IAVM(s)	1
Nessus® Exploit(s)	19

	Related
7.1	CVE-2012-3955
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

7.1 - DSA-2551

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU