Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2013:0504
HistoryFeb 27, 2013 - 7:34 p.m.

dhclient, dhcp security update

2013-02-2719:34:21
CentOS Project
lists.centos.org
46

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

88.9%

JSON

CentOS Errata and Security Advisory CESA-2013:0504

The dhcp packages provide the Dynamic Host Configuration Protocol (DHCP)
that allows individual devices on an IP network to get their own network
configuration information, including an IP address, a subnet mask, and a
broadcast address.

A flaw was found in the way the dhcpd daemon handled the expiration time of
IPv6 leases. If dhcpd’s configuration was changed to reduce the default
IPv6 lease time, lease renewal requests for previously assigned leases
could cause dhcpd to crash. (CVE-2012-3955)

This update also fixes the following bugs:

  • Prior to this update, the DHCP server discovered only the first IP
    address of a network interface if the network interface had more than one
    configured IP address. As a consequence, the DHCP server failed to
    restart if the server was configured to serve only a subnet of the
    following IP addresses. This update modifies network interface addresses
    discovery code to find all addresses of a network interface. The DHCP
    server can also serve subnets of other addresses. (BZ#803540)

  • Prior to this update, the dhclient rewrote the /etc/resolv.conf file
    with backup data after it was stopped even when the PEERDNS flag was set
    to “no” before shut down if the configuration file was changed while the
    dhclient ran with PEERDNS=yes. This update removes the backing up and
    restoring functions for this configuration file from the dhclient-script.
    Now, the dhclient no longer rewrites the /etc/resolv.conf file when
    stopped. (BZ#824622)

All users of DHCP are advised to upgrade to these updated packages, which
fix these issues. After installing this update, all DHCP servers will be
restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081478.html
https://lists.centos.org/pipermail/centos-cr-announce/2013-February/026771.html

Affected packages:
dhclient
dhcp
dhcp-common
dhcp-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0504

OSVersionArchitecturePackageVersionFilename
CentOS6i686dhclient< 4.1.1-34.P1.el6.centosdhclient-4.1.1-34.P1.el6.centos.i686.rpm
CentOS6i686dhcp< 4.1.1-34.P1.el6.centosdhcp-4.1.1-34.P1.el6.centos.i686.rpm
CentOS6i686dhcp-common< 4.1.1-34.P1.el6.centosdhcp-common-4.1.1-34.P1.el6.centos.i686.rpm
CentOS6i686dhcp-devel< 4.1.1-34.P1.el6.centosdhcp-devel-4.1.1-34.P1.el6.centos.i686.rpm
CentOS6x86_64dhclient< 4.1.1-34.P1.el6.centosdhclient-4.1.1-34.P1.el6.centos.x86_64.rpm
CentOS6x86_64dhcp< 4.1.1-34.P1.el6.centosdhcp-4.1.1-34.P1.el6.centos.x86_64.rpm
CentOS6x86_64dhcp-common< 4.1.1-34.P1.el6.centosdhcp-common-4.1.1-34.P1.el6.centos.x86_64.rpm
CentOS6i686dhcp-devel< 4.1.1-34.P1.el6.centosdhcp-devel-4.1.1-34.P1.el6.centos.i686.rpm
CentOS6x86_64dhcp-devel< 4.1.1-34.P1.el6.centosdhcp-devel-4.1.1-34.P1.el6.centos.x86_64.rpm
CentOS6i686dhclient< 4.1.1-34.P1.el6.centosdhclient-4.1.1-34.P1.el6.centos.i686.rpm
Rows per page:
1-10 of 181

Related

veracode 1
nessus 19
cve 1
ubuntu 1
openvas 24
securityvulns 2
slackware 1
ubuntucve 1
debiancve 1
amazon 1
fedora 5
f5 2
redhat 2
prion 1
debian 1
oraclelinux 1
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:11
nessus
nessus
Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : dhcp (SSA:2012-258-01)
2012-09-15 00:00:00
Mandriva Linux Security Advisory : dhcp (MDVSA-2012:153-1)
2012-10-03 00:00:00
Fedora 18 : dhcp-4.2.4-15.P2.fc18 (2012-13910)
2012-09-18 00:00:00
cve
cve
CVE-2012-3955
2012-09-14 10:33:00
ubuntu
ubuntu
DHCP vulnerability
2012-09-18 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2551-1)
2012-09-26 00:00:00
Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)
2012-10-03 00:00:00
Debian Security Advisory DSA 2551-1 (isc-dhcp)
2012-09-26 00:00:00
securityvulns
securityvulns
[ MDVSA-2012:153 ] dhcp
2012-09-18 00:00:00
ISC dhcp multiple security vulnerabilities
2012-09-18 00:00:00
slackware
slackware
[slackware-security] dhcp
2012-09-14 22:21:58
ubuntucve
ubuntucve
CVE-2012-3955
2012-09-13 00:00:00
debiancve
debiancve
CVE-2012-3955
2012-09-14 10:33:00
amazon
amazon
Low: dhcp
2013-03-02 16:47:00
fedora
fedora
[SECURITY] Fedora 18 Update: dhcp-4.2.4-15.P2.fc18
2012-09-17 23:13:39
[SECURITY] Fedora 17 Update: dhcp-4.2.4-13.P2.fc17
2012-09-26 08:53:17
[SECURITY] Fedora 17 Update: dhcp-4.2.4-16.P2.fc17
2012-10-19 23:59:48
f5
f5
K16873 : ISC DHCP vulnerability CVE-2012-3955
2015-07-02 00:00:00
SOL16873 - ISC DHCP vulnerability CVE-2012-3955
2015-07-02 00:00:00
redhat
redhat
(RHSA-2013:0504) Low: dhcp security and bug fix update
2013-02-21 00:00:00
(RHSA-2013:0579) Important: rhev-hypervisor6 security, bug fix, and enhancement update
2013-02-28 00:00:00
prion
prion
Code injection
2012-09-14 10:33:00
debian
debian
[SECURITY] [DSA 2551-1] isc-dhcp security update
2012-09-23 22:16:15
oraclelinux
oraclelinux
dhcp security and bug fix update
2013-02-22 00:00:00
gentoo
gentoo
ISC DHCP: Denial of service
2013-01-09 00:00:00

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

88.9%

JSON
Related for CESA-2013:0504
veracode1nessus19cve1ubuntu1openvas24securityvulns2slackware1ubuntucve1debiancve1amazon1fedora5f52redhat2prion1debian1oraclelinux1gentoo1