9 results (0.040 seconds)

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature. dhcp6.c en dhcpcd versiones anteriores a 6.11.7 y 7.x en versiones anteriores a 7.2.2 tiene una sobre-lectura de búfer en la característica D6_OPTION_PD_EXCLUDE. • http://www.securityfocus.com/bid/108172 https://bugs.debian.org/928440 https://roy.marples.name/archives/dhcpcd-discuss/0002428.html https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-7&id=896ef4a54b0578985e5e1360b141593f1d62837b https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-7&id=c1ebeaafeb324bac997984abdcee2d4e8b61a8a8 • CWE-125: Out-of-bounds Read •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED. dhcp.c en dhcpcd anterior a 7.2.1 contiene un desbordamiento de lectura de 1 byte con DHO_OPTSOVERLOADED. • http://www.securityfocus.com/bid/108090 https://lists.debian.org/debian-lts-announce/2019/05/msg00024.html https://roy.marples.name/archives/dhcpcd-discuss/0002415.html https://roy.marples.name/git/dhcpcd.git/commit/?id=4b67f6f1038fd4ad5ca7734eaaeba1b2ec4816b8 • CWE-125: Out-of-bounds Read •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. auth.c en dhcpcd anterior a la 7.2.1 permite a los atacantes inferir secretos realizando ataques de latencia. • http://www.securityfocus.com/bid/108090 https://roy.marples.name/archives/dhcpcd-discuss/0002415.html https://roy.marples.name/git/dhcpcd.git/commit/?id=7121040790b611ca3fbc400a1bbcd4364ef57233 https://roy.marples.name/git/dhcpcd.git/commit/?id=aee631aadeef4283c8a749c1caf77823304acf5e https://roy.marples.name/git/dhcpcd.git/commit/?id=cfde89ab66cb4e5957b1c4b68ad6a9449e2784da • CWE-203: Observable Discrepancy •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses. dhcpcd versión anterior a 7.2.1 contiene un desbordamiento de búfer en dhcp6_findna en dhcp6.c al leer direcciones NA/TA. • http://www.securityfocus.com/bid/108090 https://roy.marples.name/archives/dhcpcd-discuss/0002415.html https://roy.marples.name/git/dhcpcd.git/commit/?id=8d11b33f6c60e2db257130fa383ba76b6018bcf6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length. dhcpcd en versiones anteriores a 6.10.0 permite a atacantes remotos provocar una denegación de servicio (lectura no válida y caída) a través de vectores relacionados con la longitud de la opción. • http://roy.marples.name/projects/dhcpcd/info/595883e2a431f65d8fabf33059aa4689cca17403 http://roy.marples.name/projects/dhcpcd/timeline?r=trunk&nd&c=2016-01-07+16%3A47%3A19&n=200 http://www.openwall.com/lists/oss-security/2016/01/07/3 http://www.openwall.com/lists/oss-security/2016/01/07/4 http://www.securitytracker.com/id/1034601 https://security.gentoo.org/glsa/201606-07 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •