Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-13529

Опубликовано: 10 мая 2021
Источник: debian
EPSS Низкий

Описание

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
systemdfixed249.4-2package

Примечания

  • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142

  • https://github.com/systemd/systemd/issues/16774

  • https://bugzilla.redhat.com/show_bug.cgi?id=1959397

  • Fixed by: https://github.com/systemd/systemd/commit/38e980a6a5a3442c2f48b1f827284388096d8ca5 (v249-rc2)

  • Generic DHCP protocol issue, negligible security impact

EPSS

Процентиль: 17%
0.00056
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-13529

CVSS3: 6.1
ubuntu
около 4 лет назад

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.

redhat логотип

CVE-2020-13529

CVSS3: 6.1
redhat
около 4 лет назад

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.

nvd логотип

CVE-2020-13529

CVSS3: 6.1
nvd
около 4 лет назад

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.

github логотип

GHSA-44p7-qpr4-rgvf

CVSS3: 6.1
github
около 3 лет назад

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.

oracle-oval логотип

ELSA-2021-4361

oracle-oval
больше 3 лет назад

ELSA-2021-4361: NetworkManager security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 17%
0.00056
Низкий