Описание
Security update for dhcp
This update for dhcp fixes the following issues:
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
Список пакетов
SUSE Linux Enterprise Server 11 SP2-LTSS
dhcp-4.2.4.P2-0.11.15.1
dhcp-client-4.2.4.P2-0.11.15.1
dhcp-relay-4.2.4.P2-0.11.15.1
dhcp-server-4.2.4.P2-0.11.15.1
Ссылки
- Link for SUSE-SU-2016:1735-1
- E-Mail link for SUSE-SU-2016:1735-1
- SUSE Security Ratings
- SUSE Bug 969820
- SUSE CVE CVE-2016-2774 page
Описание
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcp-4.2.4.P2-0.11.15.1
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcp-client-4.2.4.P2-0.11.15.1
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcp-relay-4.2.4.P2-0.11.15.1
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcp-server-4.2.4.P2-0.11.15.1
Ссылки
- CVE-2016-2774
- SUSE Bug 969820