Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.72212
Categoría:Ubuntu Local Security Checks
Título:Ubuntu USN-1571-1 (isc-dhcp-client)
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing an update to isc-dhcp-client
announced via advisory USN-1571-1.

Details:

Glen Eustace discovered that the DHCP server incorrectly handled IPv6
expiration times. A remote attacker could use this issue to cause DHCP to
crash, resulting in a denial of service. This issue only affected Ubuntu
11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-3955)

Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by
using environment variables. This update mitigates the issue by sanitizing
certain variables in the DHCP shell scripts.

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
isc-dhcp-client 4.1.ESV-R4-0ubuntu5.5
isc-dhcp-server 4.1.ESV-R4-0ubuntu5.5

Ubuntu 11.10:
isc-dhcp-client 4.1.1-P1-17ubuntu10.5
isc-dhcp-server 4.1.1-P1-17ubuntu10.5

Ubuntu 11.04:
isc-dhcp-client 4.1.1-P1-15ubuntu9.6
isc-dhcp-server 4.1.1-P1-15ubuntu9.6

Ubuntu 10.04 LTS:
dhcp3-client 3.1.3-2ubuntu3.4
dhcp3-server 3.1.3-2ubuntu3.4

http://www.securityspace.com/smysecure/catid.html?in=USN-1571-1

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3955
BugTraq ID: 55530
http://www.securityfocus.com/bid/55530
Debian Security Information: DSA-2551 (Google Search)
http://www.debian.org/security/2012/dsa-2551
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html
http://security.gentoo.org/glsa/glsa-201301-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:153
RedHat Security Advisories: RHSA-2013:0504
http://rhn.redhat.com/errata/RHSA-2013-0504.html
http://www.securitytracker.com/id?1027528
http://secunia.com/advisories/51318
SuSE Security Announcement: openSUSE-SU-2012:1234 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html
SuSE Security Announcement: openSUSE-SU-2012:1252 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html
SuSE Security Announcement: openSUSE-SU-2012:1254 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html
http://www.ubuntu.com/usn/USN-1571-1
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.