Next Page >>
dhcp
Hash: SHA1
Core Security Technologies – CoreLabs Advisory
http://www.coresecurity.com/corelabs
Stack-based buffer overflow vulnerability in OpenBSD’s DHCP server
*Advisory Information*
Title: Stack-based buffer overflow vulnerability in OpenBSD’s DHCP server
- -----------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0014
Synopsis: VMware ESX patches for DHCP, Service Console kernel,
and JRE resolve multiple security issues
Issue date: 2009-10-16
Updated on: 2009-10-16 (initial release of advisory)
CVE numbers: CVE-2009-0692 CVE-2009-1893 CVE-2009-0692
CVE-2008-4210 CVE-2008-3275 CVE-2008-5356
Mandriva Linux Security Advisory MDVSA-2009:312
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : December 3, 2009
Affected: 2008.0
_______________________________________________________________________
Problem Description:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: ISC DHCP: Denial of Service
Date: August 06, 2008
Bugs: #227135
ID: 200808-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
===========================================================
Ubuntu Security Notice USN-531-2 October 23, 2007
dhcp vulnerability
CVE-2007-5365
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
===========================================================
Ubuntu Security Notice USN-531-1 October 22, 2007
dhcp vulnerability
CVE-2007-5365
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
===========================================================
Ubuntu Security Notice USN-803-2 January 27, 2010
dhcp3 vulnerability
CVE-2009-0692
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
Ubuntu 9.04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: ISC DHCP: dhcpclient Remote execution of arbitrary code
Date: July 14, 2009
Bugs: #277729
ID: 200907-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
===========================================================
Ubuntu Security Notice USN-803-1 July 14, 2009
dhcp3 vulnerability
CVE-2009-0692
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Debian Security Advisory DSA 1388-1 security@debian.org
http://www.debian.org/security/ Steve Kemp
October 18th, 2007 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : dhcp
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-5365
Debian Bug : 446354
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: ISC DHCP: dhcpd Denial of Service
Date: August 18, 2009
Bugs: #275231
ID: 200908-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mandriva Linux Security Advisory MDVSA-2009:153
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : July 17, 2009
Affected: 2008.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:154
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : July 19, 2009
Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:172
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : July 28, 2009
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Mandriva Linux Security Advisory MDVSA-2011:073
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : April 11, 2011
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Mandriva Linux Security Advisory MDVSA-2011:128
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : August 18, 2011
Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
+”module version = 0.66.6; ” # ...
+”mac = 00-30-11-00-CA-FE; ” # MAC
+”ip = 192.168.1.252; ” # ...
+”sn = 255.255.255.0; ” # Network Mask
+”gw = 192.168.1.1; ” # Gateway
+”dhcp = off; ” # whether the device is using a DHCP server for
obtaining the IP address. (on/off)
+”pswd = off; ” # whether the device is using a PASSWORD(on/off)
+”hn = morroBufalo; ” # hostname (optional)
+”dns1 = 192.168.1.33; ” # Primary DNS
+”dns2 = 192.168.1.34; ” # Secondary DNS (optional)
Mandriva Linux Security Advisory MDVSA-2009:151
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : July 15, 2009
Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
==========================================================================
Ubuntu Security Notice USN-1108-2
April 19, 2011
dhcp3 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.10
Mandriva Linux Security Advisory MDVSA-2010:226
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : November 10, 2010
Affected: 2009.1, 2010.0, 2010.1
_______________________________________________________________________
Problem Description:
Mandriva Linux Security Advisory MDVSA-2010:114
http://www.mandriva.com/security/
_______________________________________________________________________
Package : dhcp
Date : June 11, 2010
Affected: 2009.1, 2010.0
_______________________________________________________________________
Problem Description:
Debian Security Advisory DSA-2216-1 security@debian.org
http://www.debian.org/security/ Nico Golde
April 10, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : isc-dhcp
Vulnerability : missing input sanitization
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0997
Debian bug : 621099
Debian Security Advisory DSA-1833-2 security@debian.org
http://www.debian.org/security/ Florian Weimer
August 25, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : dhcp3
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-0692 CVE-2009-1892
CERT advisory : VU#410676
spoofing of DNS replies.
Background
==========
Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP
server.
Affected packages
=================
Debian Security Advisory DSA-1388-3 security@debian.org
http://www.debian.org/security/ Noah Meyerhans
October 29, 2007 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : dhcp
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-5365
Debian Bug : 446354
ifupdown 0.6.8ubuntu29.2
Ubuntu 10.10:
ifupdown 0.6.10ubuntu3.1
After a standard system update you need to restart your DHCP network
interfaces to make all the necessary changes.
Details follow:
Under certain circumstances, the DHCP client could start before its
Debian Security Advisory DSA-2217-1 security@debian.org
http://www.debian.org/security/ Nico Golde
April 10, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : dhcp3
Vulnerability : missing input sanitization
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0997
Debian Security Advisory DSA-1833-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
July 14, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : dhcp3
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-0692 CVE-2009-1892
CERT advisory : VU#410676
VMware Player 1.0.4 upgrade to version 1.0.5 (Build# 56455)
VMware Server 1.0.3 upgrade to version 1.0.4 (Build# 56528)
VMware ACE 2.0.0 upgrade to version 2.0.1 (Build# 55017)
VMware ACE 1.0.3 upgrade to version 1.0.4 (Build# 54075)
II Hosted products DHCP security vulnerabilities addressed
This release fixes several vulnerabilities in the DHCP server
that could enable a specially crafted packets to gain system-level
privileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)
~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this
~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running
~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
Next Page>>
|
