ID CVE-2018-5732
Summary Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0042.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Added oracle-errwarn-message.patch - Resolves: #1570897 - Fix comamnd execution in NM script (CVE-2018-1111) - Resolves: #1550085 - CVE-2018-5733 Avoid reference overflow <[12:4.1.1-53.P1.2 - Resolves: #1550083 - CVE-2018-5732 Avoid options buffer overflow - Resolves: #1063217 - failover hangs with both potential-conflict
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 109830
    published 2018-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109830
    title OracleVM 3.3 / 3.4 : dhcp (OVMSA-2018-0042)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201804-05.NASL
    description The remote host is affected by the vulnerability described in GLSA-201804-05 (ISC DHCP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details. Impact : Remote attackers could execute arbitrary code, cause a Denial of Service condition, or have other unspecified impacts. Workaround : There are no known workarounds at this time for CVE-2018-5732 or CVE-2018-5733. In accordance with upstream documentation, the recommended workaround for CVE-2017-3144 is, “to disallow access to the OMAPI control port from unauthorized clients (in accordance with best practices for server operation).”
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108926
    published 2018-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108926
    title GLSA-201804-05 : ISC DHCP: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4133.NASL
    description Several vulnerabilities have been discovered in the ISC DHCP client, relay and server. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2017-3144 It was discovered that the DHCP server does not properly clean up closed OMAPI connections, which can lead to exhaustion of the pool of socket descriptors available to the DHCP server, resulting in denial of service. - CVE-2018-5732 Felix Wilhelm of the Google Security Team discovered that the DHCP client is prone to an out-of-bound memory access vulnerability when processing specially constructed DHCP options responses, resulting in potential execution of arbitrary code by a malicious DHCP server. - CVE-2018-5733 Felix Wilhelm of the Google Security Team discovered that the DHCP server does not properly handle reference counting when processing client requests. A malicious client can take advantage of this flaw to cause a denial of service (dhcpd crash) by sending large amounts of traffic.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107199
    published 2018-03-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107199
    title Debian DSA-4133-1 : isc-dhcp - security update
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_2040C7F51E3A11E88AE90050569F0B83.NASL
    description ISC reports : Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107126
    published 2018-03-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107126
    title FreeBSD : isc-dhcp -- Multiple vulnerabilities (2040c7f5-1e3a-11e8-8ae9-0050569f0b83)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0024.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Added oracle-errwarn-message.patch - Resolves: #1550085 - CVE-2018-5733 Avoid reference overflow <[12:4.1.1-53.P1.2 - Resolves: #1550083 - CVE-2018-5732 Avoid options buffer overflow - Resolves: #1063217 - failover hangs with both potential-conflict - Resolves: #1363790 - dhclient does not update routing table after the lease   expiry - Resolves: #1321945 - dhclient hook script for Azure cloud - send unicast request/release via correct interface (#1297445) - Lease table overflow crash. (#1133917) - Add ignore-client-uids option. (#1196768) - dhclient-script: it's OK if the arping reply comes from our system. (#1204095) - VLAN ID is only bottom 12-bits of TCI. (#1259552) - dhclient: Make sure link-local address is ready in stateless mode. (#1263466) - dhclient-script: make_resolv_conf: Keep old nameservers   if server sends domain-name/search, but no nameservers. (#1269595) - Fix dhcrelay init script too. (#1187967) - Actually take IB MAC address into account when creating seed (#1185075) - Improve seeding the random number generator in dhclient (#1185075) - Fix dhcrelay6 init script (#1187967) - dhcrelay -6 was not working due to patch for #1001742 (#1151054) - option 97 - pxe-client-id (#1058674) - dhclient-script: PREINIT6: make sure link-local address is available (#1130804) - dhcpd generates spurious responses when seeing requests   from vlans on plain interface (#1150587) - Fix dhcpd/dhcrelay segfault if interface name longer than IFNAMSIZ (#1102662) - Fix parsing of lease file dates & times on 64-bit platforms (#1099698) - Fix dhcpd.leases reverting to root:root on every dhcpd start (#1067142)   New patch 'paranoia' merged with older 'paranoia-pid' patch - Add init script for dhcrelay IPv6 version (#1053155) - Fix handling of UDP packets with checksum 0xffff. (#1015997) - Add GUIDs in the DHCP logs for IPoIB. (#1064416) - Rotate the lease file when running in v6 mode. (#1053431) - Resolves: #1001742 - dhclient: Make setsockopt not-fatal also for SO_REUSEPORT - Resolves: #1001742 - dhclient: Bind socket to interface also for IPv6 - Don't crash on aliased infiniband interface. (#996518) - various memory leaks in omapi (#978420) - Modify the reply handling in the server code to send to a specified port   rather than to the source port for the incoming message. (#952126) - Multiple key statements in zone definition causes inappropriate error (#919221) - Make sure range6 is correct for subnet6 where it's declared (#902966) - Relay no longer crashes, when DHCP packet is received over interface   without any IPv4 address assigned. (#863936) - Expose next-server DHCPv4 option to dhclient script. (#658855)
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107249
    published 2018-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107249
    title OracleVM 3.3 : dhcp (OVMSA-2018-0024)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-0469.NASL
    description An update for dhcp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es) : * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107275
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107275
    title CentOS 6 : dhcp (CESA-2018:0469)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-0483.NASL
    description From Red Hat Security Advisory 2018:0483 : An update for dhcp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es) : * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108273
    published 2018-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108273
    title Oracle Linux 7 : dhcp (ELSA-2018-0483)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1250.NASL
    description According to the versions of the dhcp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet.(CVE-2018-5732) - A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic.(CVE-2018-5733) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 117559
    published 2018-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117559
    title EulerOS Virtualization 2.5.0 : dhcp (EulerOS-SA-2018-1250)
  • NASL family Misc.
    NASL id ISC_DHCP_AA-01565_AA-01567.NASL
    description The DHCP server version installed on the remote host is 4.1.0 to 4.1-ESV-R15, or 4.2.0 to 4.2.8, or 4.3.0 to 4.3.6, or 4.4.0. It is, therefore, vulnerable to a denial of service condition with in the omapi_connection_writer() function of the omapip/buffer.c script due to improper handling of an empty message. A local attacker could potentially exhaust the available descriptors.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 107223
    published 2018-03-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107223
    title 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3586-1.NASL
    description Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2774) It was discovered that the DHCP server incorrectly handled socket descriptors. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2017-3144) Felix Wilhelm discovered that the DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile. (CVE-2018-5732) Felix Wilhelm discovered that the DHCP server incorrectly handled reference counting. A remote attacker could possibly use this issue to cause the DHCP server to crash, resulting in a denial of service. (CVE-2018-5733). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107117
    published 2018-03-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107117
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : isc-dhcp vulnerabilities (USN-3586-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0812-1.NASL
    description This update for dhcp fixes the following issues: Security issues fixed : - CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303). - CVE-2018-5732: buffer overflow in dhclient (bsc#1083302). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108655
    published 2018-03-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108655
    title SUSE SLED12 / SLES12 Security Update : dhcp (SUSE-SU-2018:0812-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-0469.NASL
    description From Red Hat Security Advisory 2018:0469 : An update for dhcp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es) : * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107247
    published 2018-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107247
    title Oracle Linux 6 : dhcp (ELSA-2018-0469)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-315.NASL
    description This update for dhcp fixes the following issues : Security issues fixed : - CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303). - CVE-2018-5732: buffer overflow in dhclient (bsc#1083302). This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108638
    published 2018-03-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108638
    title openSUSE Security Update : dhcp (openSUSE-2018-315)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0483.NASL
    description An update for dhcp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es) : * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108274
    published 2018-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108274
    title RHEL 7 : dhcp (RHSA-2018:0483)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0469.NASL
    description An update for dhcp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es) : * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107287
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107287
    title RHEL 6 : dhcp (RHSA-2018:0469)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1313.NASL
    description Several vulnerabilities have been discovered in the ISC DHCP client, relay and server. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2018-5732 Felix Wilhelm of the Google Security Team discovered that the DHCP client is prone to an out-of-bound memory access vulnerability when processing specially constructed DHCP options responses, resulting in potential execution of arbitrary code by a malicious DHCP server. CVE-2018-5733 Felix Wilhelm of the Google Security Team discovered that the DHCP server does not properly handle reference counting when processing client requests. A malicious client can take advantage of this flaw to cause a denial of service (dhcpd crash) by sending large amounts of traffic. For Debian 7 'Wheezy', these problems have been fixed in version 4.2.2.dfsg.1-5+deb70u9. We recommend that you upgrade your isc-dhcp packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108569
    published 2018-03-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108569
    title Debian DLA-1313-1 : isc-dhcp security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-5051DBD15E.NASL
    description Security fix for CVE-2018-5732 CVE-2018-5733 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107138
    published 2018-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107138
    title Fedora 27 : 12:dhcp (2018-5051dbd15e)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0810-1.NASL
    description This update for dhcp fixes the following issues: Security issues fixed : - CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303). - CVE-2018-5732: buffer overflow in dhclient (bsc#1083302). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108653
    published 2018-03-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108653
    title SUSE SLES11 Security Update : dhcp (SUSE-SU-2018:0810-1)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1072.NASL
    description According to the versions of the dhcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet.(CVE-2018-5732) - A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic.(CVE-2018-5733) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 109470
    published 2018-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109470
    title EulerOS 2.0 SP1 : dhcp (EulerOS-SA-2018-1072)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-0483.NASL
    description An update for dhcp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es) : * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108338
    published 2018-03-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108338
    title CentOS 7 : dhcp (CESA-2018:0483)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180312_DHCP_ON_SL7_X.NASL
    description Security Fix(es) : - dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) - dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733)
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108278
    published 2018-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108278
    title Scientific Linux Security Update : dhcp on SL7.x x86_64
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL08306700.NASL
    description An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. (CVE-2018-5732) Impact An attacker can cause a denial of service (DoS) of DHCP functionality on the F5 product management interface.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 118625
    published 2018-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118625
    title F5 Networks BIG-IP : DHCP client vulnerability (K08306700)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0810-2.NASL
    description This update for dhcp fixes the following issues : Security issues fixed : CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303). CVE-2018-5732: buffer overflow in dhclient (bsc#1083302). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 118346
    published 2018-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118346
    title SUSE SLES11 Security Update : dhcp (SUSE-SU-2018:0810-2)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2018-984.NASL
    description Buffer overflow in dhclient possibly allowing code execution triggered by malicious server An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. (CVE-2018-5732) Reference count overflow in dhcpd allows denial of service A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic. (CVE-2018-5733)
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 109137
    published 2018-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109137
    title Amazon Linux 2 : dhcp (ALAS-2018-984)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180308_DHCP_ON_SL6_X.NASL
    description Security Fix(es) : - dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) - dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733)
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107250
    published 2018-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107250
    title Scientific Linux Security Update : dhcp on SL6.x i386/x86_64
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2018-060-01.NASL
    description New dhcp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107102
    published 2018-03-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107102
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : dhcp (SSA:2018-060-01)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1073.NASL
    description According to the versions of the dhcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet.(CVE-2018-5732) - A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic.(CVE-2018-5733) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 109471
    published 2018-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109471
    title EulerOS 2.0 SP2 : dhcp (EulerOS-SA-2018-1073)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-984.NASL
    description Buffer overflow in dhclient possibly allowing code execution triggered by malicious server An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. (CVE-2018-5732) Reference count overflow in dhcpd allows denial of service A denial of service flaw was found in the way dhcpd handled reference counting when processing client requests. A malicious DHCP client could use this flaw to trigger a reference count overflow on the server side, potentially causing dhcpd to crash, by sending large amounts of traffic. (CVE-2018-5733)
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 108847
    published 2018-04-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108847
    title Amazon Linux AMI : dhcp (ALAS-2018-984)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0023.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Added oracle-errwarn-message.patch - Resolves: #1550085 - CVE-2018-5733 Avoid reference overflow <[12:4.1.1-53.P1.2 - Resolves: #1550083 - CVE-2018-5732 Avoid options buffer overflow - Resolves: #1063217 - failover hangs with both potential-conflict - Resolves: #1363790 - dhclient does not update routing table after the lease   expiry - Resolves: #1321945 - dhclient hook script for Azure cloud - send unicast request/release via correct interface (#1297445) - Lease table overflow crash. (#1133917) - Add ignore-client-uids option. (#1196768) - dhclient-script: it's OK if the arping reply comes from our system. (#1204095) - VLAN ID is only bottom 12-bits of TCI. (#1259552) - dhclient: Make sure link-local address is ready in stateless mode. (#1263466) - dhclient-script: make_resolv_conf: Keep old nameservers   if server sends domain-name/search, but no nameservers. (#1269595)
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 107248
    published 2018-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107248
    title OracleVM 3.4 : dhcp (OVMSA-2018-0023)
redhat via4
rpms
  • dhclient-12:4.1.1-53.P1.el6_9.3
  • dhcp-12:4.1.1-53.P1.el6_9.3
  • dhcp-common-12:4.1.1-53.P1.el6_9.3
  • dhcp-devel-12:4.1.1-53.P1.el6_9.3
  • dhclient-12:4.2.5-58.el7_4.3
  • dhcp-12:4.2.5-58.el7_4.3
  • dhcp-common-12:4.2.5-58.el7_4.3
  • dhcp-devel-12:4.2.5-58.el7_4.3
  • dhcp-libs-12:4.2.5-58.el7_4.3
Last major update 09-10-2019 - 12:21
Published 09-10-2019 - 12:15
Last modified 09-10-2019 - 12:21
Back to Top