Red Hat Local Security Checks : RedHat Security Advisory RHSA-2012:1140

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71446

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2012:1140

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2012:1140.

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

A denial of service flaw was found in the way the dhcpd daemon handled
zero-length client identifiers. A remote attacker could use this flaw to
send a specially-crafted request to dhcpd, possibly causing it to enter an
infinite loop and consume an excessive amount of CPU time. (CVE-2012-3571)

Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as
the original reporter of this issue.

Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing this update, all
DHCP servers will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2012-1140.html
http://www.isc.org/software/dhcp/advisories/cve-2012-3571

Risk factor : Medium

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3571
BugTraq ID: 54665
http://www.securityfocus.com/bid/54665
Debian Security Information: DSA-2516 (Google Search)
http://www.debian.org/security/2012/dsa-2516
Debian Security Information: DSA-2519 (Google Search)
http://www.debian.org/security/2012/dsa-2519
http://security.gentoo.org/glsa/glsa-201301-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:115
http://www.mandriva.com/security/advisories?name=MDVSA-2012:116
RedHat Security Advisories: RHSA-2012:1140
http://rhn.redhat.com/errata/RHSA-2012-1140.html
RedHat Security Advisories: RHSA-2012:1141
http://rhn.redhat.com/errata/RHSA-2012-1141.html
SuSE Security Announcement: openSUSE-SU-2012:1006 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html
http://www.ubuntu.com/usn/USN-1519-1

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71446
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2012:1140
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2012:1140. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A denial of service flaw was found in the way the dhcpd daemon handled zero-length client identifiers. A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2012-3571) Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as the original reporter of this issue. Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2012-1140.html http://www.isc.org/software/dhcp/advisories/cve-2012-3571 Risk factor : Medium
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3571 BugTraq ID: 54665 http://www.securityfocus.com/bid/54665 Debian Security Information: DSA-2516 (Google Search) http://www.debian.org/security/2012/dsa-2516 Debian Security Information: DSA-2519 (Google Search) http://www.debian.org/security/2012/dsa-2519 http://security.gentoo.org/glsa/glsa-201301-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:115 http://www.mandriva.com/security/advisories?name=MDVSA-2012:116 RedHat Security Advisories: RHSA-2012:1140 http://rhn.redhat.com/errata/RHSA-2012-1140.html RedHat Security Advisories: RHSA-2012:1141 http://rhn.redhat.com/errata/RHSA-2012-1141.html SuSE Security Announcement: openSUSE-SU-2012:1006 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html http://www.ubuntu.com/usn/USN-1519-1
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com