Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2011:1160
HistoryAug 16, 2011 - 1:04 p.m.

dhclient, dhcp, libdhcp4client security update

2011-08-1613:04:38
CentOS Project
lists.centos.org
45

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.963 High

EPSS

Percentile

99.6%

JSON

CentOS Errata and Security Advisory CESA-2011:1160

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

Two denial of service flaws were found in the way the dhcpd daemon handled
certain incomplete request packets. A remote attacker could use these flaws
to crash dhcpd via a specially-crafted request. (CVE-2011-2748,
CVE-2011-2749)

Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct these issues. After installing this update, all
DHCP servers will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-August/079854.html
https://lists.centos.org/pipermail/centos-announce/2011-August/079855.html
https://lists.centos.org/pipermail/centos-announce/2011-September/079962.html
https://lists.centos.org/pipermail/centos-announce/2011-September/080013.html
https://lists.centos.org/pipermail/centos-cr-announce/2011-September/026472.html
https://lists.centos.org/pipermail/centos-cr-announce/2011-September/026473.html

Affected packages:
dhclient
dhcp
dhcp-devel
libdhcp4client
libdhcp4client-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1160

Related

nessus 18
openvas 28
fedora 4
freebsd 1
redhat 1
debian 1
securityvulns 4
ubuntu 1
oraclelinux 1
cve 2
checkpoint_advisories 1
prion 2
nvd 2
ubuntucve 2
debiancve 2
veracode 2
cvelist 2
gentoo 1
nessus
nessus
SuSE 10 Security Update : dhcp (ZYPP Patch Number 7716)
2011-12-13 00:00:00
Mandriva Linux Security Advisory : dhcp (MDVSA-2011:128)
2011-08-20 00:00:00
FreeBSD : isc-dhcp-server -- server halt upon processing certain packets (510b630e-c43b-11e0-916c-00e0815b8da8)
2011-08-15 00:00:00
openvas
openvas
Mandriva Update for dhcp MDVSA-2011:128 (dhcp)
2011-08-19 00:00:00
Fedora Update for dhcp FEDORA-2011-10667
2012-04-02 00:00:00
Ubuntu: Security Advisory (USN-1190-1)
2011-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: dhcp-4.2.1-10.P1.fc15
2011-08-26 18:50:32
[SECURITY] Fedora 16 Update: dhcp-4.2.2-1.fc16
2011-08-22 15:08:46
[SECURITY] Fedora 15 Update: dhcp-4.2.1-14.P1.fc15
2012-01-02 21:49:27
freebsd
freebsd
isc-dhcp-server -- server halt upon processing certain packets
2011-08-10 00:00:00
redhat
redhat
(RHSA-2011:1160) Moderate: dhcp security update
2011-08-15 00:00:00
debian
debian
[SECURITY] [DSA 2292-1] ISC DHCP security update
2011-08-11 05:33:46
securityvulns
securityvulns
ISC DHCPD DoS
2011-08-17 00:00:00
[SECURITY] [DSA 2292-1] ISC DHCP security update
2011-08-17 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-04-11 00:00:00
ubuntu
ubuntu
DHCP vulnerabilities
2011-08-15 00:00:00
oraclelinux
oraclelinux
dhcp security update
2011-08-15 00:00:00
cve
cve
CVE-2011-2748
2011-08-15 21:55:02
CVE-2011-2749
2011-08-15 21:55:02
checkpoint_advisories
checkpoint_advisories
ISC DHCP Server Packet Processing Denial of Service (CVE-2011-2748)
2011-12-06 00:00:00
prion
prion
Code injection
2011-08-15 21:55:00
Code injection
2011-08-15 21:55:00
nvd
nvd
CVE-2011-2748
2011-08-15 21:55:02
CVE-2011-2749
2011-08-15 21:55:02
ubuntucve
ubuntucve
CVE-2011-2748
2011-08-11 00:00:00
CVE-2011-2749
2011-08-11 00:00:00
debiancve
debiancve
CVE-2011-2748
2011-08-15 21:55:02
CVE-2011-2749
2011-08-15 21:55:02
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:03:44
Denial Of Service (DoS)
2020-04-10 01:03:45
cvelist
cvelist
CVE-2011-2749
2011-08-15 21:00:00
CVE-2011-2748
2011-08-15 21:00:00
gentoo
gentoo
ISC DHCP: Denial of service
2013-01-09 00:00:00

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.963 High

EPSS

Percentile

99.6%

JSON
Related for CESA-2011:1160
nessus18openvas28fedora4freebsd1redhat1debian1securityvulns4ubuntu1oraclelinux1cve2checkpoint_advisories1prion2nvd2ubuntucve2debiancve2veracode2cvelist2gentoo1