Page 2 of 9 results (0.020 seconds)

CVSS: 7.5EPSS: 14%CPEs: 51EXPL: 0

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested. Una vulnerabilidad derivada del error al limpiar correctamente las conexiones OMAPI cerradas puede conducir al agotamiento del grupo de descriptores del socket disponibles para el servidor DHCP. • http://www.securityfocus.com/bid/102726 http://www.securitytracker.com/id/1040194 https://access.redhat.com/errata/RHSA-2018:0158 https://kb.isc.org/docs/aa-01541 https://usn.ubuntu.com/3586-1 https://www.debian.org/security/2018/dsa-4133 https://access.redhat.com/security/cve/CVE-2017-3144 https://bugzilla.redhat.com/show_bug.cgi?id=1522918 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.1EPSS: 92%CPEs: 95EXPL: 0

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. ISC DHCP 4.1.x en versiones anteriores a 4.1-ESV-R13 y 4.2.x y 4.3.x en versiones anteriores a 4.3.4 no restringe el número de sesiones TCP concurrentes, lo que permite a atacantes remotos provocar una denegación de servicio (fallo de aserción INSIST o interrupción de procesamiento de petición) estableciendo muchas sesiones. A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections to OMAPI and failover ports. A remote attacker able to establish TCP connections to one of these ports could use this flaw to cause dhcpd to exit unexpectedly, stop responding requests, or exhaust system sockets (denial of service). • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183458.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183640.html http://lists.opensuse.org/opensuse-updates/2016-07/msg00066.html http://rhn.redhat.com/errata/RHSA-2016-2590.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.securityfocus.com/bid/84208 http://www.securitytracker.com/id/1035196 https://kb.isc.org/article/AA-01354 https://lists.debian.org&#x • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 5%CPEs: 93EXPL: 0

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. ISC DHCP 4.x en versiones anteriores a 4.1-ESV-R12-P1, 4.2.x y 4.3.x en versiones anteriores a 4.3.3-P1 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de una longitud de campo no válida en un paquete UDP IPv4. • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175594.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176031.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00162.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00168.html http://www.debian.org/security/2016/dsa-3442 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/80703 http://www.securitytracker.com/id/1034657 http&# • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: 19EXPL: 0

libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266. libdns en ISC DHCP v4.2.x antes de v4.2.5-P1 permite a los servidores de nombres remotos provocar una denegación de servicio (consumo de memoria) a través de vectores relacionados con una expresión regular, como lo demuestra un ataque memoria de agotamiento contra un equipo que ejecuta un proceso de dhcpd, un tema relacionado con CVE-2013-2266. • https://kb.isc.org/article/AA-00880 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •