 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.64460 |
| Categoría: | Mandrake Local Security Checks |
| Título: | Mandrake Security Advisory MDVSA-2009:153 (dhcp) |
| Resumen: | The remote host is missing an update to dhcp;announced via advisory MDVSA-2009:153. |
| Descripción: | Summary: The remote host is missing an update to dhcp announced via advisory MDVSA-2009:153. Vulnerability Insight: A vulnerability has been found and corrected in ISC DHCP: Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1, and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients (CVE-2007-0062). This update provides fixes for this vulnerability. Affected: 2008.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-0062 BugTraq ID: 25729 http://www.securityfocus.com/bid/25729 Bugtraq: 20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client (Google Search) http://www.securityfocus.com/archive/1/501759/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200711-23.xml http://security.gentoo.org/glsa/glsa-200808-05.xml ISS Security Advisory: 20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities http://www.iss.net/threats/275.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:153 http://www.securitytracker.com/id?1018717 http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://secunia.com/advisories/31396 http://secunia.com/advisories/34263 SuSE Security Announcement: SUSE-SR:2009:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html http://www.ubuntu.com/usn/usn-543-1 http://www.vupen.com/english/advisories/2007/3229 XForce ISS Database: dhcp-param-overflow(33102) https://exchange.xforce.ibmcloud.com/vulnerabilities/33102 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |