Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2018:0158
HistoryJan 26, 2018 - 1:23 a.m.

dhclient, dhcp security update

2018-01-2601:23:45
CentOS Project
lists.centos.org
141

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.144 Low

EPSS

Percentile

95.8%

JSON

CentOS Errata and Security Advisory CESA-2018:0158

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

  • It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI port could use this flaw to exhaust file descriptors in the DHCP daemon, leading to a denial of service in the OMAPI functionality. (CVE-2017-3144)

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2018-January/084887.html

Affected packages:
dhclient
dhcp
dhcp-common
dhcp-devel
dhcp-libs

Upstream details at:
https://access.redhat.com/errata/RHSA-2018:0158

Related

f5 1
openvas 11
nessus 19
ibm 5
nvd 1
cve 1
amazon 1
prion 1
redhatcve 1
debiancve 1
ubuntucve 1
checkpoint_advisories 1
redhat 1
oraclelinux 1
osv 2
mageia 1
cvelist 1
debian 2
gentoo 1
ubuntu 1
rosalinux 1
cloudfoundry 1
photon 5
f5
f5
K42266856 : DHCP vulnerability CVE-2017-3144
2018-01-31 00:00:00
openvas
openvas
CentOS Update for dhclient CESA-2018:0158 centos7
2018-01-26 00:00:00
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2018-1035)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2018-1036)
2020-01-23 00:00:00
nessus
nessus
EulerOS Virtualization 2.5.0 : dhcp (EulerOS-SA-2018-1241)
2018-09-18 00:00:00
RHEL 7 : dhcp (RHSA-2018:0158)
2018-01-25 00:00:00
SUSE SLED12 / SLES12 Security Update : dhcp (SUSE-SU-2018:0532-1)
2018-02-26 00:00:00
ibm
ibm
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in dhcp (CVE-2017-3144)
2018-07-26 20:25:47
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerabilty in dhcp (CVE-2017-3144)
2023-12-07 22:31:02
Security Bulletin: A vulnerability in DHCP affects PowerKVM
2018-06-18 01:41:33
nvd
nvd
CVE-2017-3144
2019-01-16 20:29:00
cve
cve
CVE-2017-3144
2019-01-16 20:29:00
amazon
amazon
Medium: dhcp
2018-02-20 21:48:00
prion
prion
Design/Logic Flaw
2019-01-16 20:29:00
redhatcve
redhatcve
CVE-2017-3144
2018-01-16 01:19:17
debiancve
debiancve
CVE-2017-3144
2019-01-16 20:29:00
ubuntucve
ubuntucve
CVE-2017-3144
2017-12-31 00:00:00
checkpoint_advisories
checkpoint_advisories
ISC DHCP Server OMAPI Disconnect Denial Of Service (CVE-2017-3144) - Ver2
2018-04-15 00:00:00
redhat
redhat
(RHSA-2018:0158) Moderate: dhcp security update
2018-01-25 09:25:11
oraclelinux
oraclelinux
dhcp security update
2018-01-25 00:00:00
osv
osv
CVE-2017-3144
2019-01-16 20:29:00
isc-dhcp - security update
2018-03-07 00:00:00
mageia
mageia
Updated dhcp packages fix security vulnerability
2017-12-21 20:43:29
cvelist
cvelist
CVE-2017-3144 Failure to properly clean up closed OMAPI connections can exhaust available sockets
2018-01-16 00:00:00
debian
debian
[SECURITY] [DSA 4133-1] isc-dhcp security update
2018-03-07 22:18:52
[SECURITY] [DSA 4133-1] isc-dhcp security update
2018-03-07 22:18:52
gentoo
gentoo
ISC DHCP: Multiple vulnerabilities
2018-04-08 00:00:00
ubuntu
ubuntu
DHCP vulnerabilities
2018-03-01 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1822
2021-07-02 16:37:55
cloudfoundry
cloudfoundry
USN-3586-1: DHCP vulnerabilities | Cloud Foundry
2018-05-02 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-3.0-0016
2019-05-30 00:00:00
Critical Photon OS Security Update - PHSA-2019-0016
2019-05-30 00:00:00
Critical Photon OS Security Update - PHSA-2019-0220
2019-03-29 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.144 Low

EPSS

Percentile

95.8%

JSON
Related for CESA-2018:0158
f51openvas11nessus19ibm5nvd1cve1amazon1prion1redhatcve1debiancve1ubuntucve1checkpoint_advisories1redhat1oraclelinux1osv2mageia1cvelist1debian2gentoo1ubuntu1rosalinux1cloudfoundry1photon5