Executive Summary
Summary | |
---|---|
Title | dhcp vulnerability |
Information | |||
---|---|---|---|
Name | USN-531-2 | First vendor Publication | 2007-10-23 |
Vendor | Ubuntu | Last vendor Modification | 2007-10-23 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS, Ubuntu 6.10, Ubuntu 7.04, Ubuntu 7.10.

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 6.10: Ubuntu 7.04: Ubuntu 7.10:

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow: USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem.

Original advisory details: Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not
Original Source
Url : http://www.ubuntu.com/usn/USN-531-2 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17047 | |||
Oval ID: | oval:org.mitre.oval:def:17047 | ||
Title: | USN-531-2 -- dhcp vulnerability | ||
Description: | USN-531-1 fixed vulnerabilities in dhcp. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-531-2 CVE-2007-5365 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | dhcp |
Definition Id: oval:org.mitre.oval:def:17549 | |||
Oval ID: | oval:org.mitre.oval:def:17549 | ||
Title: | USN-531-1 -- dhcp vulnerability | ||
Description: | Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-531-1 CVE-2007-5365 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | dhcp |
Definition Id: oval:org.mitre.oval:def:18537 | |||
Oval ID: | oval:org.mitre.oval:def:18537 | ||
Title: | DSA-1388-3 dhcp - buffer overflow | ||
Description: | The patch used to correct the DHCP server buffer overflow in DSA-1388-1 was incomplete and did not adequately resolve the problem. This update to the previous advisory makes updated packages based on a newer version of the patch available. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1388-3 CVE-2007-5365 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | dhcp |
Definition Id: oval:org.mitre.oval:def:20239 | |||
Oval ID: | oval:org.mitre.oval:def:20239 | ||
Title: | DSA-1388-1 dhcp | ||
Description: | The patch used to correct the DHCP server buffer overflow in DSA-1388-1 was incomplete and did not adequately resolve the problem. This update to the previous advisory makes updated packages based on a newer version of the patch available. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1388-1 CVE-2007-5365 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | dhcp |
Definition Id: oval:org.mitre.oval:def:5817 | |||
Oval ID: | oval:org.mitre.oval:def:5817 | ||
Title: | Security Vulnerabilities in DHCP Handling of DHCP Requests May Allow Remote Users to Execute Arbitrary Code or Cause a Denial of the DHCP Service | ||
Description: | Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5365 | Version: | 1 |
Platform(s): | Sun Solaris 8 Sun Solaris 9 Sun Solaris 10 | Product(s): | |
ExploitDB Exploits
id | Description |
---|---|
2007-11-02 | Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-20 File : nvt/gb_solaris_112837_20.nasl |
2009-10-13 | Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-19 File : nvt/gb_solaris_114265_19.nasl |
2009-06-03 | Name : Solaris Update for dhcp server and admin 109077-21 File : nvt/gb_solaris_109077_21.nasl |
2009-06-03 | Name : Solaris Update for dhcp server and admin 109078-21 File : nvt/gb_solaris_109078_21.nasl |
2009-06-03 | Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-18 File : nvt/gb_solaris_112837_18.nasl |
2009-06-03 | Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-17 File : nvt/gb_solaris_114265_17.nasl |
2009-06-03 | Name : Solaris Update for usr/lib/inet/in.dhcpd 138876-01 File : nvt/gb_solaris_138876_01.nasl |
2009-06-03 | Name : Solaris Update for usr/lib/inet/in.dhcpd 138877-01 File : nvt/gb_solaris_138877_01.nasl |
2009-03-23 | Name : Ubuntu Update for dhcp vulnerability USN-531-1 File : nvt/gb_ubuntu_USN_531_1.nasl |
2009-03-23 | Name : Ubuntu Update for dhcp vulnerability USN-531-2 File : nvt/gb_ubuntu_USN_531_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1388-1 (dhcp) File : nvt/deb_1388_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41687 | Multiple Vendor dhcpd options.c cons_options Function DHCP Request Remote Ove... |
Snort® IPS/IDS
Date | Description |
---|---|
2017-08-29 | Sun Solaris dhcpd malformed bootp denial of service attempt RuleID : 43752 - Revision : 2 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-531-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-531-2.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-0970.nasl - Type : ACT_GATHER_INFO |
2007-10-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1388.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109077-21 File : solaris8_109077.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 12:04:42 | |
2013-05-11 12:26:03 | |