
Test ID: 1.3.6.1.4.1.25623.1.0.58682
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2007:0970
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2007:0970.

The dhcp package provides the ISC Dynamic Host Configuration Protocol
(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows
devices to get their own network configuration information from a server.

A bug was found in the way dhcpd validates certain DHCP protocol options.
A malicious DHCP client could send a carefully crafted DHCP request and cause
dhcpd to crash or possibly execute arbitrary code. (CVE-2007-5365)

All users of dhcp should upgrade to this updated package, which contains a
backported patch that resolves this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0970.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score:
7.2

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2007-5365
BugTraq ID: 25984
http://www.securityfocus.com/bid/25984
BugTraq ID: 32213
http://www.securityfocus.com/bid/32213
Bugtraq: 20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD's DHCP server
http://www.securityfocus.com/archive/1/482085/100/100/threaded
Bugtraq: 20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)
http://www.securityfocus.com/archive/1/483230/100/100/threaded
Debian Security Information: DSA-1388
http://www.debian.org/security/2007/dsa-1388
https://www.exploit-db.com/exploits/4601
http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962
OpenBSD Security Advisory: [4.0] 20071008 016: SECURITY FIX: October 8, 2007
http://www.openbsd.org/errata40.html#016_dhcpd
OpenBSD Security Advisory: [4.1] 20071008 010: SECURITY FIX: October 8, 2007
http://www.openbsd.org/errata41.html#010_dhcpd
OpenBSD Security Advisory: [4.2] 20071008 001: SECURITY FIX: October 8, 2007
http://www.openbsd.org/errata42.html#001_dhcpd
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817
http://www.redhat.com/support/errata/RHSA-2007-0970.html
http://www.securitytracker.com/id?1018794
http://securitytracker.com/id?1021157
http://secunia.com/advisories/27160
http://secunia.com/advisories/27273
http://secunia.com/advisories/27338
http://secunia.com/advisories/27350
http://secunia.com/advisories/32668
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1
http://www.ubuntu.com/usn/usn-531-1
http://www.ubuntu.com/usn/usn-531-2
http://www.vupen.com/english/advisories/2008/3088
XForce ISS Database: openbsd-dhcp-bo(37045)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37045
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
