Red Hat Local Security Checks : RedHat Update for dhcp RHSA-2016:2590-02

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.871705

Categoría: Red Hat Local Security Checks

Título: RedHat Update for dhcp RHSA-2016:2590-02

Resumen: The remote host is missing an update for the 'dhcp'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'dhcp'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The Dynamic Host Configuration Protocol
(DHCP) is a protocol that allows individual devices on an IP network to get their
own network configuration information, including an IP address, a subnet mask,
and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP
service required to enable and administer DHCP on a network.

Security Fix(es):

* A resource-consumption flaw was discovered in the DHCP server. dhcpd did
not restrict the number of open connections to OMAPI and failover ports. A
remote attacker able to establish TCP connections to one of these ports
could use this flaw to cause dhcpd to exit unexpectedly, stop responding
requests, or exhaust system sockets (denial of service). (CVE-2016-2774)

Red Hat would like to thank ISC for reporting this issue.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section.

Affected Software/OS:
dhcp on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-2774
BugTraq ID: 84208
http://www.securityfocus.com/bid/84208
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183640.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183458.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00023.html
RedHat Security Advisories: RHSA-2016:2590
http://rhn.redhat.com/errata/RHSA-2016-2590.html
http://www.securitytracker.com/id/1035196
SuSE Security Announcement: openSUSE-SU-2016:1843 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-07/msg00066.html
https://usn.ubuntu.com/3586-1/

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.871705
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for dhcp RHSA-2016:2590-02
Resumen:	The remote host is missing an update for the 'dhcp'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'dhcp' package(s) announced via the referenced advisory. Vulnerability Insight: The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections to OMAPI and failover ports. A remote attacker able to establish TCP connections to one of these ports could use this flaw to cause dhcpd to exit unexpectedly, stop responding requests, or exhaust system sockets (denial of service). (CVE-2016-2774) Red Hat would like to thank ISC for reporting this issue. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section. Affected Software/OS: dhcp on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2774 BugTraq ID: 84208 http://www.securityfocus.com/bid/84208 http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183640.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183458.html https://lists.debian.org/debian-lts-announce/2019/11/msg00023.html RedHat Security Advisories: RHSA-2016:2590 http://rhn.redhat.com/errata/RHSA-2016-2590.html http://www.securitytracker.com/id/1035196 SuSE Security Announcement: openSUSE-SU-2016:1843 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-07/msg00066.html https://usn.ubuntu.com/3586-1/
Copyright	Copyright (C) 2016 Greenbone AG