7.1 - RHSA-2013:0504

Executive Summary

Summary
Title	dhcp security and bug fix update

Informations
Name	RHSA-2013:0504	First vendor Publication	2013-02-21
Vendor	RedHat	Last vendor Modification	2013-02-21
Severity (Vendor)	Low	Revision	02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Cvss Base Score	7.1	Attack Range	Network
Cvss Impact Score	6.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated dhcp packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The dhcp packages provide the Dynamic Host Configuration Protocol (DHCP) that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.

A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash. (CVE-2012-3955)

This update also fixes the following bugs:

* Prior to this update, the DHCP server discovered only the first IP address of a network interface if the network interface had more than one configured IP address. As a consequence, the DHCP server failed to restart if the server was configured to serve only a subnet of the following IP addresses. This update modifies network interface addresses discovery code to find all addresses of a network interface. The DHCP server can also serve subnets of other addresses. (BZ#803540)

* Prior to this update, the dhclient rewrote the /etc/resolv.conf file with backup data after it was stopped even when the PEERDNS flag was set to "no" before shut down if the configuration file was changed while the dhclient ran with PEERDNS=yes. This update removes the backing up and restoring functions for this configuration file from the dhclient-script. Now, the dhclient no longer rewrites the /etc/resolv.conf file when stopped. (BZ#824622)

All users of DHCP are advised to upgrade to these updated packages, which fix these issues. After installing this update, all DHCP servers will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

803540 - DHCP server fails to start if the subnet is not the primary subnet for a device 824622 - dhclient-script should honor PEERDNS on quit 856766 - CVE-2012-3955 dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2013-0504.html

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18093

Oval ID:	oval:org.mitre.oval:def:18093
Title:	USN-1571-1 -- dhcp3, isc-dhcp vulnerability
Description:	DHCP could be made to crash if it received specially crafted network traffic.
Family:	unix	Class:	patch
Reference(s):	USN-1571-1 CVE-2012-3955	Version:	7
Platform(s):	Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04	Product(s):	isc-dhcp dhcp3
Definition Synopsis:
Release section Ubuntu 12.04 is installed Packages match section isc-dhcp-client DPKG is earlier than 4.1.ESV-R4-0ubuntu5.5 AND isc-dhcp-server DPKG is earlier than 4.1.ESV-R4-0ubuntu5.5 AND Release section Ubuntu 11.10 is installed Packages match section isc-dhcp-client DPKG is earlier than 4.1.1-P1-17ubuntu10.5 AND isc-dhcp-server DPKG is earlier than 4.1.1-P1-17ubuntu10.5 AND Release section Ubuntu 11.04 is installed Packages match section isc-dhcp-client DPKG is earlier than 4.1.1-P1-15ubuntu9.6 AND isc-dhcp-server DPKG is earlier than 4.1.1-P1-15ubuntu9.6 AND Release section Ubuntu 10.04 is installed Packages match section dhcp3-client DPKG is earlier than 3.1.3-2ubuntu3.4 AND dhcp3-server DPKG is earlier than 3.1.3-2ubuntu3.4

Definition Id: oval:org.mitre.oval:def:18509

Oval ID:	oval:org.mitre.oval:def:18509
Title:	DSA-2551-1 isc-dhcp - denial of service
Description:	Glen Eustace discovered that the ISC DHCP server, a server for automatic IP address assignment, is not properly handling changes in the expiration times of a lease. An attacker may use this flaw to crash the service and cause denial of service conditions, by reducing the expiration time of an active IPv6 lease.
Family:	unix	Class:	patch
Reference(s):	DSA-2551-1 CVE-2012-3955	Version:	7
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	isc-dhcp
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND isc-dhcp DPKG is earlier than 4.1.1-P1-15+squeeze8

Definition Id: oval:org.mitre.oval:def:20885

Oval ID:	oval:org.mitre.oval:def:20885
Title:	RHSA-2013:0504: dhcp security and bug fix update (Low)
Description:	ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0504-02 CESA-2013:0504 CVE-2012-3955	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	dhcp
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section dhclient is earlier than 12:4.1.1-34.P1.el6 AND dhcp-devel is earlier than 12:4.1.1-34.P1.el6 AND dhcp is earlier than 12:4.1.1-34.P1.el6 AND dhcp-common is earlier than 12:4.1.1-34.P1.el6

Definition Id: oval:org.mitre.oval:def:23290

Oval ID:	oval:org.mitre.oval:def:23290
Title:	ELSA-2013:0504: dhcp security and bug fix update (Low)
Description:	ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0504-02 CVE-2012-3955	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	dhcp
Definition Synopsis:
Oracle Linux 6.x rpm test dhclient is earlier than 12:4.1.1-34.P1.el6 AND dhcp-devel is earlier than 12:4.1.1-34.P1.el6 AND dhcp is earlier than 12:4.1.1-34.P1.el6 AND dhcp-common is earlier than 12:4.1.1-34.P1.el6

Definition Id: oval:org.mitre.oval:def:27444

Oval ID:	oval:org.mitre.oval:def:27444
Title:	DEPRECATED: ELSA-2013-0504 -- dhcp security and bug fix update (low)
Description:	[12:4.1.1-34.P1.0.1.el6] - Added oracle-errwarn-message.patch [12:4.1.1-34.P1] - Reducing the expiration time for an IPv6 lease may cause the server to crash (CVE-2012-3955, #858130) [12:4.1.1-33.P1] - Use getifaddrs() for interface discovery code on Linux (#803540) - dhclient-script: do not backup&restore /etc/resolv.conf (#824622) [12:4.1.1-32.P1] - An error in the handling of malformed client identifiers can cause a denial-of-service condition in affected servers. (CVE-2012-3571, #843122) - Memory Leaks Found In ISC DHCP (CVE-2012-3954, #843122)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0504 CVE-2012-3955	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	dhcp
Definition Synopsis:
Oracle Linux 6.x Packages match section dhcp is earlier than 0:4.1.1-34.P1.0.1.el6 AND dhclient is earlier than 0:4.1.1-34.P1.0.1.el6 AND dhcp-common is earlier than 0:4.1.1-34.P1.0.1.el6 AND dhcp-devel is earlier than 0:4.1.1-34.P1.0.1.el6

CPE : Common Platform Enumeration

Type	Description	Count
Application	Isc Dhcp cpe:2.3:a:isc:dhcp:4.1.2:rc1:::::: cpe:2.3:a:isc:dhcp:4.1.2:p1:::::: cpe:2.3:a:isc:dhcp:4.1.2:b1:::::: cpe:2.3:a:isc:dhcp:4.1.2:-:::::: cpe:2.3:a:isc:dhcp:4.1.1:b1:::::: cpe:2.3:a:isc:dhcp:4.1.1:b2:::::: cpe:2.3:a:isc:dhcp:4.1.1:-:::::: cpe:2.3:a:isc:dhcp:4.1.1:rc1:::::: cpe:2.3:a:isc:dhcp:4.1.1:b3:::::: cpe:2.3:a:isc:dhcp:4.1.0:a1:::::: cpe:2.3:a:isc:dhcp:4.1.0:a2:::::: cpe:2.3:a:isc:dhcp:4.1.0:-:::::: cpe:2.3:a:isc:dhcp:4.1.0:b1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc2:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r3:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r6:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5_rc1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5_b1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r5:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r4:::::: cpe:2.3:a:isc:dhcp:4.1-esv:rc1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r2:::::: cpe:2.3:a:isc:dhcp:4.1-esv:r1:::::: cpe:2.3:a:isc:dhcp:4.1-esv:-::::::	25
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:11.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::	4
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:debian:debian_linux:6.0:::::::*	2

OpenVAS Exploits

Date	Description
2012-10-23	Name : Fedora Update for dhcp FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_dhcp_fc17.nasl
2012-10-23	Name : Fedora Update for dhcp FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_dhcp_fc16.nasl
2012-10-03	Name : Fedora Update for dhcp FEDORA-2012-14076 File : nvt/gb_fedora_2012_14076_dhcp_fc16.nasl
2012-10-03	Name : Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp) File : nvt/gb_mandriva_MDVSA_2012_153_1.nasl
2012-09-27	Name : Fedora Update for dhcp FEDORA-2012-14149 File : nvt/gb_fedora_2012_14149_dhcp_fc17.nasl
2012-09-26	Name : Debian Security Advisory DSA 2551-1 (isc-dhcp) File : nvt/deb_2551_1.nasl
2012-09-22	Name : Ubuntu Update for isc-dhcp USN-1571-1 File : nvt/gb_ubuntu_USN_1571_1.nasl
2012-09-15	Name : Slackware Advisory SSA:2012-258-01 dhcp File : nvt/esoft_slk_ssa_2012_258_01.nasl

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-09-20	IAVM : 2012-B-0092 - ISC DHCP Denial of Service Vulnerability Severity : Category I - VMSKEY : V0033809

Nessus® Vulnerability Scanner

Date	Description
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_isc-dhcp_20130129.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0579.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-643.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-642.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-629.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-157.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0504.nasl - Type : ACT_GATHER_INFO
2013-03-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0504.nasl - Type : ACT_GATHER_INFO
2013-03-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_dhcp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0504.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_dhcp-120917.nasl - Type : ACT_GATHER_INFO
2013-01-09	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-06.nasl - Type : ACT_GATHER_INFO
2012-10-03	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-153.nasl - Type : ACT_GATHER_INFO
2012-10-03	Name : The remote Fedora host is missing a security update. File : fedora_2012-14076.nasl - Type : ACT_GATHER_INFO
2012-09-27	Name : The remote Fedora host is missing a security update. File : fedora_2012-14149.nasl - Type : ACT_GATHER_INFO
2012-09-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2551.nasl - Type : ACT_GATHER_INFO
2012-09-18	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1571-1.nasl - Type : ACT_GATHER_INFO
2012-09-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-13910.nasl - Type : ACT_GATHER_INFO
2012-09-15	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-258-01.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-10-12 13:27:31	Multiple Updates
2014-02-17 11:56:49	Multiple Updates
2013-02-21 09:19:01	First insertion

Global Informations

Type	Count
Oval ID(s)	5
CPE ID(s)	31
Openvas Exploit(s)	8
IAVM(s)	1
Nessus® Exploit(s)	19

	Related
7.1	CVE-2012-3955
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

7.1 - RHSA-2013:0504

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU