Red Hat Local Security Checks : RedHat Security Advisory RHSA-2010:0923

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69197

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2010:0923

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2010:0923.

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows
individual devices on an IP network to get their own network configuration
information, including an IP address, a subnet mask, and a broadcast
address. DHCPv6 is the DHCP protocol version for IPv6 networks.

A NULL pointer dereference flaw was discovered in the way the dhcpd daemon
parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd
via a specially-crafted DHCPv6 packet, if dhcpd was running as a DHCPv6
server. (CVE-2010-3611)

Users running dhcpd as a DHCPv6 server should upgrade to these updated
packages, which contain a backported patch to correct this issue. After
installing this update, all DHCP servers will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0923.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3611
BugTraq ID: 44615
http://www.securityfocus.com/bid/44615
CERT/CC vulnerability note: VU#102047
http://www.kb.cert.org/vuls/id/102047
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:226
http://osvdb.org/68999
http://www.redhat.com/support/errata/RHSA-2010-0923.html
http://secunia.com/advisories/42082
http://secunia.com/advisories/42345
http://secunia.com/advisories/42407
SuSE Security Announcement: SUSE-SR:2010:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
http://www.vupen.com/english/advisories/2010/2879
http://www.vupen.com/english/advisories/2010/3044
http://www.vupen.com/english/advisories/2010/3092
XForce ISS Database: iscdhcp-relayforward-dos(62965)
https://exchange.xforce.ibmcloud.com/vulnerabilities/62965

Copyright Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69197
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0923
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0923. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks. A NULL pointer dereference flaw was discovered in the way the dhcpd daemon parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd via a specially-crafted DHCPv6 packet, if dhcpd was running as a DHCPv6 server. (CVE-2010-3611) Users running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0923.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3611 BugTraq ID: 44615 http://www.securityfocus.com/bid/44615 CERT/CC vulnerability note: VU#102047 http://www.kb.cert.org/vuls/id/102047 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:226 http://osvdb.org/68999 http://www.redhat.com/support/errata/RHSA-2010-0923.html http://secunia.com/advisories/42082 http://secunia.com/advisories/42345 http://secunia.com/advisories/42407 SuSE Security Announcement: SUSE-SR:2010:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html http://www.vupen.com/english/advisories/2010/2879 http://www.vupen.com/english/advisories/2010/3044 http://www.vupen.com/english/advisories/2010/3092 XForce ISS Database: iscdhcp-relayforward-dos(62965) https://exchange.xforce.ibmcloud.com/vulnerabilities/62965
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com