This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
DHCP:SERVER:ISC-DUID-BO
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
DHCP
|
Keywords |
ISC DHCP Server DUID Handling Stack Buffer Overflow
|
Release Date |
2013/01/08
|
Update Number |
2223
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
DHCP: ISC DHCP Server DUID Handling Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability in ISC DHCP Server. It is due to lack of bounds checking when parsing the client DUID (DHCP unique identifier). Successful exploitation would result in execution of arbitrary code in the context of the affected application. Failed exploitation will cause denial-of-service.
Extended Description
ISC DHCP is prone to multiple denial-of-service vulnerabilities.
An attacker can exploit these issues to cause the affected application to crash, resulting in a denial-of-service condition.
Affected Products
- Debian linux 6.0 amd64
- Debian linux 6.0 arm
- Debian linux 6.0 ia-32
- Debian linux 6.0 ia-64
- Debian linux 6.0 mips
- Debian linux 6.0 powerpc
- Debian linux 6.0 s/390
- Debian linux 6.0 sparc
- Isc dhcp_server 4.1.2
- Isc dhcp_server 4.1-ESV-R1
- Isc dhcp_server 4.1-ESV-R3
- Isc dhcp_server 4.1-ESV-R4
- Isc dhcp_server 4.1-ESV-R5
- Isc dhcp_server 4.2
- Isc dhcp_server 4.2.0-P1
- Isc dhcp_server 4.2.2
- Isc dhcp_server 4.2.3
- Isc dhcp_server 4.2.4
- Mandriva enterprise_server 5
- Mandriva enterprise_server 5 X86 64
- Mandriva linux_mandrake 2011
- Mandriva linux_mandrake 2011 x86_64
- Oracle enterprise_linux 5
- Oracle enterprise_linux 6
- Oracle enterprise_linux 6.2
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop 6
- Red_hat enterprise_linux_desktop_optional 6
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_hpc_node 6
- Red_hat enterprise_linux_hpc_node_optional 6
- Red_hat enterprise_linux_server 6
- Red_hat enterprise_linux_server_optional 6
- Red_hat enterprise_linux_workstation 6
- Red_hat enterprise_linux_workstation_optional 6
- Red_hat fedora 17
- Ubuntu ubuntu_linux 11.04 amd64
- Ubuntu ubuntu_linux 11.04 ARM
- Ubuntu ubuntu_linux 11.04 i386
- Ubuntu ubuntu_linux 11.04 powerpc
- Ubuntu ubuntu_linux 11.10 amd64
- Ubuntu ubuntu_linux 11.10 i386
- Ubuntu ubuntu_linux 12.04 LTS amd64
- Ubuntu ubuntu_linux 12.04 LTS i386
References