6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:N/I:N/A:C
Debian Security Advisory DSA-3442-1 [email protected]
https://www.debian.org/security/ Michael Gilbert
January 13, 2016 https://www.debian.org/security/faq
Package : isc-dhcp
CVE ID : CVE-2015-8605
Debian Bug : 810875
It was discovered that a maliciously crafted packet can crash any of
the isc-dhcp applications. This includes the DHCP client, relay, and
server application. Only IPv4 setups are affected.
For the oldstable distribution (wheezy), this problem has been fixed
in version 4.2.2.dfsg.1-5+deb70u8.
For the stable distribution (jessie), this problem has been fixed in
version 4.3.1-6+deb8u2.
For the testing (stretch) and unstable (sid) distributions, this
problem will be fixed soon.
We recommend that you upgrade your isc-dhcp packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | amd64 | isc-dhcp-dev | < 4.1.1-P1-15+squeeze10 | isc-dhcp-dev_4.1.1-P1-15+squeeze10_amd64.deb |
Debian | 7 | i386 | isc-dhcp-client | < 4.2.2.dfsg.1-5+deb70u8 | isc-dhcp-client_4.2.2.dfsg.1-5+deb70u8_i386.deb |
Debian | 7 | s390 | isc-dhcp-server | < 4.2.2.dfsg.1-5+deb70u8 | isc-dhcp-server_4.2.2.dfsg.1-5+deb70u8_s390.deb |
Debian | 8 | armel | isc-dhcp-client | < 4.3.1-6+deb8u2 | isc-dhcp-client_4.3.1-6+deb8u2_armel.deb |
Debian | 7 | powerpc | isc-dhcp-relay | < 4.2.2.dfsg.1-5+deb70u8 | isc-dhcp-relay_4.2.2.dfsg.1-5+deb70u8_powerpc.deb |
Debian | 8 | mips | isc-dhcp-relay | < 4.3.1-6+deb8u2 | isc-dhcp-relay_4.3.1-6+deb8u2_mips.deb |
Debian | 8 | armhf | isc-dhcp-client-udeb | < 4.3.1-6+deb8u2 | isc-dhcp-client-udeb_4.3.1-6+deb8u2_armhf.deb |
Debian | 7 | s390 | isc-dhcp-client-dbg | < 4.2.2.dfsg.1-5+deb70u8 | isc-dhcp-client-dbg_4.2.2.dfsg.1-5+deb70u8_s390.deb |
Debian | 8 | i386 | isc-dhcp-relay-dbg | < 4.3.1-6+deb8u2 | isc-dhcp-relay-dbg_4.3.1-6+deb8u2_i386.deb |
Debian | 7 | kfreebsd-i386 | isc-dhcp-client | < 4.2.2.dfsg.1-5+deb70u8 | isc-dhcp-client_4.2.2.dfsg.1-5+deb70u8_kfreebsd-i386.deb |
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:N/I:N/A:C