Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.72212 |
Categoría: | Ubuntu Local Security Checks |
Título: | Ubuntu USN-1571-1 (isc-dhcp-client) |
Resumen: | NOSUMMARY |
Descripción: | Description: The remote host is missing an update to isc-dhcp-client announced via advisory USN-1571-1. Details: Glen Eustace discovered that the DHCP server incorrectly handled IPv6 expiration times. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service. This issue only affected Ubuntu 11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-3955) Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by using environment variables. This update mitigates the issue by sanitizing certain variables in the DHCP shell scripts. Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: isc-dhcp-client 4.1.ESV-R4-0ubuntu5.5 isc-dhcp-server 4.1.ESV-R4-0ubuntu5.5 Ubuntu 11.10: isc-dhcp-client 4.1.1-P1-17ubuntu10.5 isc-dhcp-server 4.1.1-P1-17ubuntu10.5 Ubuntu 11.04: isc-dhcp-client 4.1.1-P1-15ubuntu9.6 isc-dhcp-server 4.1.1-P1-15ubuntu9.6 Ubuntu 10.04 LTS: dhcp3-client 3.1.3-2ubuntu3.4 dhcp3-server 3.1.3-2ubuntu3.4 http://www.securityspace.com/smysecure/catid.html?in=USN-1571-1 CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-3955 BugTraq ID: 55530 http://www.securityfocus.com/bid/55530 Debian Security Information: DSA-2551 (Google Search) http://www.debian.org/security/2012/dsa-2551 http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086992.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/088882.html http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088220.html http://security.gentoo.org/glsa/glsa-201301-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:153 RedHat Security Advisories: RHSA-2013:0504 http://rhn.redhat.com/errata/RHSA-2013-0504.html http://www.securitytracker.com/id?1027528 http://secunia.com/advisories/51318 SuSE Security Announcement: openSUSE-SU-2012:1234 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00088.html SuSE Security Announcement: openSUSE-SU-2012:1252 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00103.html SuSE Security Announcement: openSUSE-SU-2012:1254 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00105.html http://www.ubuntu.com/usn/USN-1571-1 |
Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |