7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.963 High
EPSS
Percentile
99.6%
CentOS Errata and Security Advisory CESA-2011:1160
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.
Two denial of service flaws were found in the way the dhcpd daemon handled
certain incomplete request packets. A remote attacker could use these flaws
to crash dhcpd via a specially-crafted request. (CVE-2011-2748,
CVE-2011-2749)
Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct these issues. After installing this update, all
DHCP servers will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-August/079854.html
https://lists.centos.org/pipermail/centos-announce/2011-August/079855.html
https://lists.centos.org/pipermail/centos-announce/2011-September/079962.html
https://lists.centos.org/pipermail/centos-announce/2011-September/080013.html
https://lists.centos.org/pipermail/centos-cr-announce/2011-September/026472.html
https://lists.centos.org/pipermail/centos-cr-announce/2011-September/026473.html
Affected packages:
dhclient
dhcp
dhcp-devel
libdhcp4client
libdhcp4client-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1160
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | dhclient | < 3.0.1-68.el4 | dhclient-3.0.1-68.el4.i386.rpm |
CentOS | 4 | i386 | dhcp | < 3.0.1-68.el4 | dhcp-3.0.1-68.el4.i386.rpm |
CentOS | 4 | i386 | dhcp-devel | < 3.0.1-68.el4 | dhcp-devel-3.0.1-68.el4.i386.rpm |
CentOS | 4 | x86_64 | dhclient | < 3.0.1-68.el4 | dhclient-3.0.1-68.el4.x86_64.rpm |
CentOS | 4 | x86_64 | dhcp | < 3.0.1-68.el4 | dhcp-3.0.1-68.el4.x86_64.rpm |
CentOS | 4 | x86_64 | dhcp-devel | < 3.0.1-68.el4 | dhcp-devel-3.0.1-68.el4.x86_64.rpm |
CentOS | 5 | i386 | dhclient | < 3.0.5-29.el5_7.1 | dhclient-3.0.5-29.el5_7.1.i386.rpm |
CentOS | 5 | i386 | dhcp | < 3.0.5-29.el5_7.1 | dhcp-3.0.5-29.el5_7.1.i386.rpm |
CentOS | 5 | i386 | dhcp-devel | < 3.0.5-29.el5_7.1 | dhcp-devel-3.0.5-29.el5_7.1.i386.rpm |
CentOS | 5 | i386 | libdhcp4client | < 3.0.5-29.el5_7.1 | libdhcp4client-3.0.5-29.el5_7.1.i386.rpm |