Mandrake Local Security Checks : Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831733

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)

Resumen: The remote host is missing an update for the 'dhcp'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'dhcp'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A security issue was identified and fixed in dhcp:

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows
remote attackers to cause a denial of service (daemon crash)
in opportunistic circumstances by establishing an IPv6 lease in
an environment where the lease expiration time is later reduced
(CVE-2012-3955).

The updated packages have been patched to correct this issue.

Update:

Packages for Mandriva Linux 2011 is being provided.

The updated packages have been upgraded to dhcp 4.2.4-P2 which is
not vulnerable to this issue.

Affected Software/OS:
dhcp on Mandriva Linux 2011.0

Solution:
Please Install the Updated Packages.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3955
BugTraq ID: 55530
http://www.securityfocus.com/bid/55530
Debian Security Information: DSA-2551 (Google Search)
http://www.debian.org/security/2012/dsa-2551
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html
http://security.gentoo.org/glsa/glsa-201301-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:153
RedHat Security Advisories: RHSA-2013:0504
http://rhn.redhat.com/errata/RHSA-2013-0504.html
http://www.securitytracker.com/id?1027528
http://secunia.com/advisories/51318
SuSE Security Announcement: openSUSE-SU-2012:1234 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html
SuSE Security Announcement: openSUSE-SU-2012:1252 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html
SuSE Security Announcement: openSUSE-SU-2012:1254 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html
http://www.ubuntu.com/usn/USN-1571-1

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831733
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)
Resumen:	The remote host is missing an update for the 'dhcp'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'dhcp' package(s) announced via the referenced advisory. Vulnerability Insight: A security issue was identified and fixed in dhcp: ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced (CVE-2012-3955). The updated packages have been patched to correct this issue. Update: Packages for Mandriva Linux 2011 is being provided. The updated packages have been upgraded to dhcp 4.2.4-P2 which is not vulnerable to this issue. Affected Software/OS: dhcp on Mandriva Linux 2011.0 Solution: Please Install the Updated Packages. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3955 BugTraq ID: 55530 http://www.securityfocus.com/bid/55530 Debian Security Information: DSA-2551 (Google Search) http://www.debian.org/security/2012/dsa-2551 http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html http://security.gentoo.org/glsa/glsa-201301-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 RedHat Security Advisories: RHSA-2013:0504 http://rhn.redhat.com/errata/RHSA-2013-0504.html http://www.securitytracker.com/id?1027528 http://secunia.com/advisories/51318 SuSE Security Announcement: openSUSE-SU-2012:1234 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html SuSE Security Announcement: openSUSE-SU-2012:1252 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html SuSE Security Announcement: openSUSE-SU-2012:1254 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html http://www.ubuntu.com/usn/USN-1571-1
Copyright	Copyright (C) 2012 Greenbone AG