 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.72138 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandriva Security Advisory MDVSA-2012:115 (dhcp) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to dhcp announced via advisory MDVSA-2012:115. Multiple vulnerabilities has been discovered and corrected in ISC DHCP: An unexpected client identifier parameter can cause the ISC DHCP daemon to segmentation fault when running in DHCPv6 mode, resulting in a denial of service to further client requests. In order to exploit this condition, an attacker must be able to send requests to the DHCP server (CVE-2012-3570 An error in the handling of malformed client identifiers can cause a DHCP server running affected versions (see Impact) to enter a state where further client requests are not processed and the server process loops endlessly, consuming all available CPU cycles. Under normal circumstances this condition should not be triggered, but a non-conforming or malicious client could deliberately trigger it in a vulnerable server. In order to exploit this condition an attacker must be able to send requests to the DHCP server (CVE-2012-3571 Two memory leaks have been found and fixed in ISC DHCP. Both are reproducible when running in DHCPv6 mode (with the -6 command-line argument.) The first leak is confirmed to only affect servers operating in DHCPv6 mode, but based on initial code analysis the second may theoretically affect DHCPv4 servers (though this has not been demonstrated.) (CVE-2012-3954). The updated packages have been upgraded to the latest version (4.2.4-P1) which is not affected by these issues. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:115 Risk factor : High |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-3570 BugTraq ID: 54665 http://www.securityfocus.com/bid/54665 http://security.gentoo.org/glsa/glsa-201301-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:115 SuSE Security Announcement: openSUSE-SU-2012:1006 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-08/msg00030.html Common Vulnerability Exposure (CVE) ID: CVE-2012-3571 Debian Security Information: DSA-2516 (Google Search) http://www.debian.org/security/2012/dsa-2516 Debian Security Information: DSA-2519 (Google Search) http://www.debian.org/security/2012/dsa-2519 http://www.mandriva.com/security/advisories?name=MDVSA-2012:116 RedHat Security Advisories: RHSA-2012:1140 http://rhn.redhat.com/errata/RHSA-2012-1140.html RedHat Security Advisories: RHSA-2012:1141 http://rhn.redhat.com/errata/RHSA-2012-1141.html http://www.ubuntu.com/usn/USN-1519-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-3954 http://www.securitytracker.com/id?1027300 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |