Scientific Linux Security Update : dhcp on SL5.x i386/x86

NASLDB: Scientific Linux Security Update : dhcp on SL5.x i386/x86_64

General

ID: 61427
Name: Scientific Linux Security Update : dhcp on SL5.x i386/x86_64

Summary: Checks rpm output for the updated packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C
CVSS Temporal Vector: –

Port: 0
Family: Scientific Linux Local Security Checks
Type: Local

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that
allows individual devices on an IP network to get their own network
configuration information, including an IP address, a subnet mask, and
a broadcast address.

A denial of service flaw was found in the way the dhcpd daemon handled
zero-length client identifiers. A remote attacker could use this flaw
to send a specially-crafted request to dhcpd, possibly causing it to
enter an infinite loop and consume an excessive amount of CPU time.
(CVE-2012-3571)

Users of DHCP should upgrade to these updated packages, which contain
a backported patch to correct this issue. After installing this
update, all DHCP servers will be restarted automatically.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2012-3571
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2012/08/03
Plugin Release: 2012/08/06

Plugin

Version: 1.1
Filename: sl_20120803_dhcp_on_SL5_x.nasl
Filesize: 3673 bytes
MD5 Hash: 610f5b1c7e62953f54baf7fd524fa274

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG