Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MDVSA-2011:001 | First vendor Publication | 2011-01-07 |
| Vendor | Mandriva | Last vendor Modification | 2011-01-07 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability has been found and corrected in dhcp: ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520 (CVE-2010-3616). The updated packages have been patched to correct this issue. |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:001 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-09-12 | Name : Fedora Update for dhcp FEDORA-2011-10705 File : nvt/gb_fedora_2011_10705_dhcp_fc14.nasl |
| 2011-04-19 | Name : Fedora Update for dhcp FEDORA-2011-4897 File : nvt/gb_fedora_2011_4897_dhcp_fc14.nasl |
| 2011-02-04 | Name : Fedora Update for dhcp FEDORA-2011-0862 File : nvt/gb_fedora_2011_0862_dhcp_fc14.nasl |
| 2011-01-11 | Name : Mandriva Update for dhcp MDVSA-2011:001 (dhcp) File : nvt/gb_mandriva_MDVSA_2011_001.nasl |
| 2010-12-28 | Name : Fedora Update for dhcp FEDORA-2010-18856 File : nvt/gb_fedora_2010_18856_dhcp_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 69795 | ISC DHCP Failover Peer Port TCP Connection Remote DoS ISC DHCP contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs within the failover peer feature when handling certain TCP traffic traffic. This may be exploited via maliciously crafted packets to the failover peer port to cause a denial of service. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2011-01-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-001.nasl - Type : ACT_GATHER_INFO |
| 2010-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18856.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:41:59 |
|
