Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

openSUSE-SU-2018:0827-1

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 27 ΠΌΠ°Ρ€. 2018
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: suse-cvrf

ОписаниС

Security update for dhcp

This update for dhcp fixes the following issues:

Security issues fixed:

  • CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303).
  • CVE-2018-5732: buffer overflow in dhclient (bsc#1083302).

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Бписок ΠΏΠ°ΠΊΠ΅Ρ‚ΠΎΠ²

openSUSE Leap 42.3
dhcp-4.3.3-11.6.1
dhcp-client-4.3.3-11.6.1
dhcp-devel-4.3.3-11.6.1
dhcp-doc-4.3.3-11.6.1
dhcp-relay-4.3.3-11.6.1
dhcp-server-4.3.3-11.6.1

Бсылки

ОписаниС

Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ ΠΏΡ€ΠΎΠ΄ΡƒΠΊΡ‚Ρ‹
openSUSE Leap 42.3:dhcp-4.3.3-11.6.1
openSUSE Leap 42.3:dhcp-client-4.3.3-11.6.1
openSUSE Leap 42.3:dhcp-devel-4.3.3-11.6.1
openSUSE Leap 42.3:dhcp-doc-4.3.3-11.6.1
Бсылки

ОписаниС

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ ΠΏΡ€ΠΎΠ΄ΡƒΠΊΡ‚Ρ‹
openSUSE Leap 42.3:dhcp-4.3.3-11.6.1
openSUSE Leap 42.3:dhcp-client-4.3.3-11.6.1
openSUSE Leap 42.3:dhcp-devel-4.3.3-11.6.1
openSUSE Leap 42.3:dhcp-doc-4.3.3-11.6.1
Бсылки
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ openSUSE-SU-2018:0827-1