 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.50543 |
| Category: | Mandrake Local Security Checks |
| Title: | Mandrake Security Advisory MDKSA-2004:061 (dhcp) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to dhcp announced via advisory MDKSA-2004:061. A vulnerability in how ISC's DHCPD handles syslog messages can allow a malicious attacker with the ability to send special packets to the DHCPD listening port to crash the daemon, causing a Denial of Service. It is also possible that they may be able to execute arbitrary code on the vulnerable server with the permissions of the user running DHCPD, which is usually root. A similar vulnerability also exists in the way ISC's DHCPD makes use of the vsnprintf() function on system that do not support vsnprintf(). This vulnerability could also be used to execute arbitrary code and/or perform a DoS attack. The vsnprintf() statements that have this problem are defined after the vulnerable code noted above, which would trigger the previous problem rather than this one. Thanks to Gregory Duchemin and Solar Designer for discovering these flaws. The updated packages contain 3.0.1rc14 which is not vulnerable to these problems. Only ISC DHCPD 3.0.1rc12 and 3.0.1rc13 are vulnerable to these issues. Affected versions: 10.0, 9.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:061 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0460 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0461 http://www.kb.cert.org/vuls/id/317350 http://www.kb.cert.org/vuls/id/654390 Risk factor : Critical CVSS Score: 10.0 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0460 BugTraq ID: 10590 http://www.securityfocus.com/bid/10590 Bugtraq: 20040622 DHCP Vuln // no code 0day // (Google Search) http://marc.info/?l=bugtraq&m=108795911203342&w=2 Bugtraq: 20040628 ISC DHCP overflows (Google Search) http://marc.info/?l=bugtraq&m=108843959502356&w=2 Bugtraq: 20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd) (Google Search) http://marc.info/?l=bugtraq&m=108938625206063&w=2 Cert/CC Advisory: TA04-174A http://www.us-cert.gov/cas/techalerts/TA04-174A.html CERT/CC vulnerability note: VU#317350 http://www.kb.cert.org/vuls/id/317350 http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 http://secunia.com/advisories/23265 SuSE Security Announcement: SuSE-SA:2004:019 (Google Search) http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html XForce ISS Database: dhcp-ascii-log-bo(16475) https://exchange.xforce.ibmcloud.com/vulnerabilities/16475 Common Vulnerability Exposure (CVE) ID: CVE-2004-0461 BugTraq ID: 10591 http://www.securityfocus.com/bid/10591 CERT/CC vulnerability note: VU#654390 http://www.kb.cert.org/vuls/id/654390 XForce ISS Database: dhcp-c-include-bo(16476) https://exchange.xforce.ibmcloud.com/vulnerabilities/16476 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |