Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2019:2060
HistoryAug 30, 2019 - 2:41 a.m.

dhclient, dhcp security update

2019-08-3002:41:23
CentOS Project
lists.centos.org
232

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

61.1%

JSON

CentOS Errata and Security Advisory CESA-2019:2060

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

Security Fix(es):

  • dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS (CVE-2019-6470)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2019-August/032117.html

Affected packages:
dhclient
dhcp
dhcp-common
dhcp-devel
dhcp-libs

Upstream details at:
https://access.redhat.com/errata/RHSA-2019:2060

Related

nessus 31
openvas 14
ubuntu 1
suse 2
oraclelinux 2
nvd 1
cve 1
cbl_mariner 3
f5 1
osv 1
redhat 2
amazon 1
redhatcve 1
prion 1
cvelist 1
ubuntucve 1
alpinelinux 1
veracode 1
debiancve 1
photon 7
rosalinux 1
nessus
nessus
Amazon Linux 2 : dhcp (ALAS-2019-1346)
2019-11-07 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : dhcp Vulnerability (NS-SA-2019-0231)
2019-12-31 00:00:00
Photon OS 1.0: Bindutils PHSA-2020-1.0-0287
2020-04-15 00:00:00
openvas
openvas
openSUSE: Security Advisory for dhcp (openSUSE-SU-2019:2341-1)
2020-01-09 00:00:00
openSUSE: Security Advisory for dhcp (openSUSE-SU-2019:2340-1)
2019-10-21 00:00:00
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2568)
2020-01-23 00:00:00
ubuntu
ubuntu
DHCP vulnerability
2019-05-13 00:00:00
suse
suse
Security update for dhcp (moderate)
2019-10-20 00:00:00
Security update for dhcp (moderate)
2019-10-20 00:00:00
oraclelinux
oraclelinux
dhcp security and bug fix update
2019-11-14 00:00:00
dhcp security and bug fix update
2019-08-13 00:00:00
nvd
nvd
CVE-2019-6470
2019-11-01 23:15:10
cve
cve
CVE-2019-6470
2019-11-01 23:15:10
cbl_mariner
cbl_mariner
CVE-2019-6470 affecting package bind 9.16.37-2
2021-05-16 16:46:11
CVE-2019-6470 affecting package bind for versions less than 9.16.15-3
2022-04-09 06:51:52
CVE-2019-6470 affecting package bind for versions less than 9.16.44-2
2024-03-19 17:21:46
f5
f5
K39573942 : DHCP vulnerability CVE-2019-6470
2019-09-04 00:00:00
osv
osv
CVE-2019-6470
2019-11-01 23:15:10
redhat
redhat
(RHSA-2019:3525) Moderate: dhcp security and bug fix update
2019-11-05 17:56:03
(RHSA-2019:2060) Moderate: dhcp security and bug fix update
2019-08-06 07:56:37
amazon
amazon
Medium: dhcp
2019-11-04 22:05:00
redhatcve
redhatcve
CVE-2019-6470
2019-05-10 13:20:13
prion
prion
Code injection
2019-11-01 23:15:00
cvelist
cvelist
CVE-2019-6470 dhcpd: use-after-free error leads crash in IPv6 mode when using mismatched BIND libraries
2019-05-11 00:00:00
ubuntucve
ubuntucve
CVE-2019-6470
2019-05-03 00:00:00
alpinelinux
alpinelinux
CVE-2019-6470
2019-11-01 23:15:10
veracode
veracode
Denial Of Service (Dos)
2019-08-08 00:07:17
debiancve
debiancve
CVE-2019-6470
2019-11-01 23:15:10
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0521
2023-01-30 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0223
2020-03-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0223
2020-04-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2245
2023-10-17 12:03:14

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

61.1%

JSON
Related for CESA-2019:2060
nessus31openvas14ubuntu1suse2oraclelinux2nvd1cve1cbl_mariner3f51osv1redhat2amazon1redhatcve1prion1cvelist1ubuntucve1alpinelinux1veracode1debiancve1photon7rosalinux1