cnvd - cnvd-2018-04330

cnvd-2018-04330

Vulnerability from cnvd

Title: ISC DHCP OMAPI Connections拒绝服务漏洞

Description:

ISC DHCP是美国Internet Systems Consortium（ISC）公司的一套开源的动态主机配置协议服务器软件。

ISC DHCP 4.1.0版本至4.1-ESV-R15版本、4.2.0版本至4.2.8版本和4.3.0版本至4.3.6版本中存在远程拒绝服务漏洞。远程攻击者可利用该漏洞造成拒绝服务（资源耗尽）。

Severity: 中

Patch Name: ISC DHCP OMAPI Connections拒绝服务漏洞的补丁

Patch Description:

ISC DHCP是美国Internet Systems Consortium（ISC）公司的一套开源的动态主机配置协议服务器软件。

ISC DHCP 4.1.0版本至4.1-ESV-R15版本、4.2.0版本至4.2.8版本和4.3.0版本至4.3.6版本中存在远程拒绝服务漏洞。远程攻击者可利用该漏洞造成拒绝服务（资源耗尽）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://kb.isc.org/article/AA-01541

Reference: https://tools.cisco.com/security/center/viewAlert.x?alertId=56483

Impacted products

Name
['ISC DHCP >=4.1.0，<=4.1-ESV-R15', 'ISC DHCP >=4.2.0，<=4.2.8', 'ISC DHCP >=4.3.0，<=4.3.6']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-3144"
    }
  },
  "description": "ISC DHCP\u662f\u7f8e\u56fdInternet Systems Consortium\uff08ISC\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u52a8\u6001\u4e3b\u673a\u914d\u7f6e\u534f\u8bae\u670d\u52a1\u5668\u8f6f\u4ef6\u3002\r\n\r\nISC DHCP 4.1.0\u7248\u672c\u81f34.1-ESV-R15\u7248\u672c\u30014.2.0\u7248\u672c\u81f34.2.8\u7248\u672c\u548c4.3.0\u7248\u672c\u81f34.3.6\u7248\u672c\u4e2d\u5b58\u5728\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d44\u6e90\u8017\u5c3d\uff09\u3002",
  "discovererName": "ISC",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kb.isc.org/article/AA-01541",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-04330",
  "openTime": "2018-03-06",
  "patchDescription": "ISC DHCP\u662f\u7f8e\u56fdInternet Systems Consortium\uff08ISC\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u52a8\u6001\u4e3b\u673a\u914d\u7f6e\u534f\u8bae\u670d\u52a1\u5668\u8f6f\u4ef6\u3002\r\n\r\nISC DHCP 4.1.0\u7248\u672c\u81f34.1-ESV-R15\u7248\u672c\u30014.2.0\u7248\u672c\u81f34.2.8\u7248\u672c\u548c4.3.0\u7248\u672c\u81f34.3.6\u7248\u672c\u4e2d\u5b58\u5728\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d44\u6e90\u8017\u5c3d\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ISC DHCP OMAPI Connections\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ISC DHCP \u003e=4.1.0\uff0c\u003c=4.1-ESV-R15",
      "ISC DHCP \u003e=4.2.0\uff0c\u003c=4.2.8",
      "ISC DHCP \u003e=4.3.0\uff0c\u003c=4.3.6"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/viewAlert.x?alertId=56483",
  "serverity": "\u4e2d",
  "submitTime": "2018-01-18",
  "title": "ISC DHCP OMAPI Connections\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2017-3144 (GCVE-0-2017-3144)

Vulnerability from cvelistv5

Published

2019-01-16 20:00

Modified

2024-09-16 22:46

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

By intentionally exploiting this vulnerability an attacker who is permitted to establish connections to the OMAPI control port can exhaust the pool of socket descriptors available to the DHCP server. Once exhausted, the server will not accept additional connections, potentially denying access to legitimate connections from the server operator. While the server will continue to receive and service DHCP client requests, the operator can be blocked from the ability to use OMAPI to control server state, add new lease reservations, etc.

Summary

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2018:0158	vendor-advisory, x_refsource_REDHAT
	https://www.debian.org/security/2018/dsa-4133	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/102726	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1040194	vdb-entry, x_refsource_SECTRACK
	https://usn.ubuntu.com/3586-1/	vendor-advisory, x_refsource_UBUNTU
	https://kb.isc.org/docs/aa-01541	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	ISC	ISC DHCP	Version: ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:16:28.230Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:0158",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0158"
          },
          {
            "name": "DSA-4133",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4133"
          },
          {
            "name": "102726",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102726"
          },
          {
            "name": "1040194",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040194"
          },
          {
            "name": "USN-3586-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3586-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/docs/aa-01541"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ISC DHCP",
          "vendor": "ISC",
          "versions": [
            {
              "status": "affected",
              "version": "ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6.  Older versions may also be affected but are well beyond their end-of-life (EOL).  Releases prior to 4.1.0 have not been tested."
            }
          ]
        }
      ],
      "datePublic": "2018-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "By intentionally exploiting this vulnerability an attacker who is permitted to establish connections to the OMAPI control port can exhaust the pool of socket descriptors available to the DHCP server.\n\nOnce exhausted, the server will not accept additional connections, potentially denying access to legitimate connections from the server operator.  While the server will continue to receive and service DHCP client requests, the operator can be blocked from the ability to use OMAPI to control server state, add new lease reservations, etc.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-17T10:57:01",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "RHSA-2018:0158",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0158"
        },
        {
          "name": "DSA-4133",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4133"
        },
        {
          "name": "102726",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102726"
        },
        {
          "name": "1040194",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040194"
        },
        {
          "name": "USN-3586-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3586-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.isc.org/docs/aa-01541"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Failure to properly clean up closed OMAPI connections can exhaust available sockets",
      "workarounds": [
        {
          "lang": "en",
          "value": "The recommended remedy is to disallow access to the OMAPI control port from unauthorized clients (in accordance with best practices for server operation)."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-officer@isc.org",
          "DATE_PUBLIC": "2018-01-16T00:00:00.000Z",
          "ID": "CVE-2017-3144",
          "STATE": "PUBLIC",
          "TITLE": "Failure to properly clean up closed OMAPI connections can exhaust available sockets"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ISC DHCP",
                      "version": {
                        "version_data": [
                          {
                            "version_name": "ISC DHCP",
                            "version_value": "4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6.  Older versions may also be affected but are well beyond their end-of-life (EOL).  Releases prior to 4.1.0 have not been tested."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ISC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "By intentionally exploiting this vulnerability an attacker who is permitted to establish connections to the OMAPI control port can exhaust the pool of socket descriptors available to the DHCP server.\n\nOnce exhausted, the server will not accept additional connections, potentially denying access to legitimate connections from the server operator.  While the server will continue to receive and service DHCP client requests, the operator can be blocked from the ability to use OMAPI to control server state, add new lease reservations, etc."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:0158",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0158"
            },
            {
              "name": "DSA-4133",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4133"
            },
            {
              "name": "102726",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102726"
            },
            {
              "name": "1040194",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040194"
            },
            {
              "name": "USN-3586-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3586-1/"
            },
            {
              "name": "https://kb.isc.org/docs/aa-01541",
              "refsource": "CONFIRM",
              "url": "https://kb.isc.org/docs/aa-01541"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "The recommended remedy is to disallow access to the OMAPI control port from unauthorized clients (in accordance with best practices for server operation)."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2017-3144",
    "datePublished": "2019-01-16T20:00:00Z",
    "dateReserved": "2016-12-02T00:00:00",
    "dateUpdated": "2024-09-16T22:46:13.879Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted