Red Hat Local Security Checks : RedHat Security Advisory RHSA-2009:1136

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64386

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2009:1136

Resumen: The remote host is missing updates announced in;advisory RHSA-2009:1136.;;The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows;individual devices on an IP network to get their own network configuration;information, including an IP address, a subnet mask, and a broadcast;address.;;The Mandriva Linux Engineering Team discovered a stack-based buffer;overflow flaw in the ISC DHCP client. If the DHCP client were to receive a;malicious DHCP response, it could crash or execute arbitrary code with the;permissions of the client (root). (CVE-2009-0692);;Users of DHCP should upgrade to these updated packages, which contain a;backported patch to correct this issue.

Descripción: Summary:
The remote host is missing updates announced in
advisory RHSA-2009:1136.

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address.

The Mandriva Linux Engineering Team discovered a stack-based buffer
overflow flaw in the ISC DHCP client. If the DHCP client were to receive a
malicious DHCP response, it could crash or execute arbitrary code with the
permissions of the client (root). (CVE-2009-0692)

Users of DHCP should upgrade to these updated packages, which contain a
backported patch to correct this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0692
BugTraq ID: 35668
http://www.securityfocus.com/bid/35668
CERT/CC vulnerability note: VU#410676
http://www.kb.cert.org/vuls/id/410676
Debian Security Information: DSA-1833 (Google Search)
http://www.debian.org/security/2009/dsa-1833
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00340.html
http://security.gentoo.org/glsa/glsa-200907-12.xml
HPdes Security Advisory: HPSBMA02554
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
HPdes Security Advisory: SSRT100018
http://www.mandriva.com/security/advisories?name=MDVSA-2009:151
NETBSD Security Advisory: NetBSD-SA2009-010
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-010.txt.asc
http://www.osvdb.org/55819
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10758
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5941
http://www.redhat.com/support/errata/RHSA-2009-1136.html
http://www.redhat.com/support/errata/RHSA-2009-1154.html
http://www.securitytracker.com/id?1022548
http://secunia.com/advisories/35785
http://secunia.com/advisories/35829
http://secunia.com/advisories/35830
http://secunia.com/advisories/35831
http://secunia.com/advisories/35832
http://secunia.com/advisories/35841
http://secunia.com/advisories/35849
http://secunia.com/advisories/35850
http://secunia.com/advisories/35851
http://secunia.com/advisories/35880
http://secunia.com/advisories/36457
http://secunia.com/advisories/37342
http://secunia.com/advisories/40551
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561471
SuSE Security Announcement: SUSE-SA:2009:037 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00003.html
http://www.ubuntu.com/usn/usn-803-1
http://www.vupen.com/english/advisories/2009/1891
http://www.vupen.com/english/advisories/2010/1796

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64386
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1136
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:1136.;;The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows;individual devices on an IP network to get their own network configuration;information, including an IP address, a subnet mask, and a broadcast;address.;;The Mandriva Linux Engineering Team discovered a stack-based buffer;overflow flaw in the ISC DHCP client. If the DHCP client were to receive a;malicious DHCP response, it could crash or execute arbitrary code with the;permissions of the client (root). (CVE-2009-0692);;Users of DHCP should upgrade to these updated packages, which contain a;backported patch to correct this issue.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:1136. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692) Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0692 BugTraq ID: 35668 http://www.securityfocus.com/bid/35668 CERT/CC vulnerability note: VU#410676 http://www.kb.cert.org/vuls/id/410676 Debian Security Information: DSA-1833 (Google Search) http://www.debian.org/security/2009/dsa-1833 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00340.html http://security.gentoo.org/glsa/glsa-200907-12.xml HPdes Security Advisory: HPSBMA02554 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 HPdes Security Advisory: SSRT100018 http://www.mandriva.com/security/advisories?name=MDVSA-2009:151 NETBSD Security Advisory: NetBSD-SA2009-010 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-010.txt.asc http://www.osvdb.org/55819 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5941 http://www.redhat.com/support/errata/RHSA-2009-1136.html http://www.redhat.com/support/errata/RHSA-2009-1154.html http://www.securitytracker.com/id?1022548 http://secunia.com/advisories/35785 http://secunia.com/advisories/35829 http://secunia.com/advisories/35830 http://secunia.com/advisories/35831 http://secunia.com/advisories/35832 http://secunia.com/advisories/35841 http://secunia.com/advisories/35849 http://secunia.com/advisories/35850 http://secunia.com/advisories/35851 http://secunia.com/advisories/35880 http://secunia.com/advisories/36457 http://secunia.com/advisories/37342 http://secunia.com/advisories/40551 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561471 SuSE Security Announcement: SUSE-SA:2009:037 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00003.html http://www.ubuntu.com/usn/usn-803-1 http://www.vupen.com/english/advisories/2009/1891 http://www.vupen.com/english/advisories/2010/1796
Copyright	Copyright (C) 2009 E-Soft Inc.