 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.64460 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandrake Security Advisory MDVSA-2009:153 (dhcp) |
| Zusammenfassung: | The remote host is missing an update to dhcp;announced via advisory MDVSA-2009:153. |
| Beschreibung: | Summary: The remote host is missing an update to dhcp announced via advisory MDVSA-2009:153. Vulnerability Insight: A vulnerability has been found and corrected in ISC DHCP: Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1, and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients (CVE-2007-0062). This update provides fixes for this vulnerability. Affected: 2008.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-0062 BugTraq ID: 25729 http://www.securityfocus.com/bid/25729 Bugtraq: 20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client (Google Search) http://www.securityfocus.com/archive/1/501759/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200711-23.xml http://security.gentoo.org/glsa/glsa-200808-05.xml ISS Security Advisory: 20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities http://www.iss.net/threats/275.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:153 http://www.securitytracker.com/id?1018717 http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://secunia.com/advisories/31396 http://secunia.com/advisories/34263 SuSE Security Announcement: SUSE-SR:2009:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html http://www.ubuntu.com/usn/usn-543-1 http://www.vupen.com/english/advisories/2007/3229 XForce ISS Database: dhcp-param-overflow(33102) https://exchange.xforce.ibmcloud.com/vulnerabilities/33102 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |