SUSE-SU-2016:2024-1

Опубликовано: 10 авг. 2016

Источник: suse-cvrf

Описание

Security update for dhcp

This update for dhcp fixes the following issues:

CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used by network adjacent attackers to make the DHCP server non-functional (bsc#969820).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE Linux Enterprise Server 11 SP3-LTSS

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE Linux Enterprise Server 11 SP3-TERADATA

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE Linux Enterprise Server 11 SP4

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE Linux Enterprise Software Development Kit 11 SP4

dhcp-devel-4.2.4.P2-0.27.1

SUSE Manager 2.1

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE Manager Proxy 2.1

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

SUSE OpenStack Cloud 5

dhcp-4.2.4.P2-0.27.1

dhcp-client-4.2.4.P2-0.27.1

dhcp-relay-4.2.4.P2-0.27.1

dhcp-server-4.2.4.P2-0.27.1

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20162024-1/
Link for SUSE-SU-2016:2024-1
https://lists.suse.com/pipermail/sle-security-updates/2016-August/002204.html
E-Mail link for SUSE-SU-2016:2024-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/969820
SUSE Bug 969820
https://www.suse.com/security/cve/CVE-2016-2774/
SUSE CVE CVE-2016-2774 page

Описание

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:dhcp-4.2.4.P2-0.27.1

SUSE Linux Enterprise Point of Sale 11 SP3:dhcp-client-4.2.4.P2-0.27.1

SUSE Linux Enterprise Point of Sale 11 SP3:dhcp-relay-4.2.4.P2-0.27.1

SUSE Linux Enterprise Point of Sale 11 SP3:dhcp-server-4.2.4.P2-0.27.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-2774.html
CVE-2016-2774
https://bugzilla.suse.com/969820
SUSE Bug 969820

SUSE-SU-2016:2024-1

Описание

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

SUSE Linux Enterprise Server 11 SP3-LTSS

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP4

SUSE Linux Enterprise Software Development Kit 11 SP4

SUSE Manager 2.1

SUSE Manager Proxy 2.1

SUSE OpenStack Cloud 5

Ссылки

Уязвимость: CVE-2016-2774

Описание

Затронутые продукты

Ссылки