{"id": "F154A3C7-F7F4-11DF-B617-00E0815B8DA8", "bulletinFamily": "unix", "title": "isc-dhcp-server -- Empty link-address denial of service", "description": "\nISC reports:\n\nIf the server receives a DHCPv6 packet containing one or more\n\t Relay-Forward messages, and none of them supply an address in the\n\t Relay-Forward link-address field, then the server will crash. This\n\t can be used as a single packet crash attack vector.\n\n", "published": "2010-11-02T00:00:00", "modified": "2010-11-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/f154a3c7-f7f4-11df-b617-00e0815b8da8.html", "reporter": "FreeBSD", "references": ["http://www.kb.cert.org/vuls/id/102047", "http://www.isc.org/software/dhcp/advisories/cve-2010-3611"], "cvelist": ["CVE-2010-3611"], "type": "freebsd", "lastseen": "2018-08-31T01:15:18", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "isc-dhcp41-server", "packageVersion": "4.1.2"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "isc-dhcp41-server", "packageVersion": "4.1.0"}], "bulletinFamily": "unix", "cvelist": ["CVE-2010-3611"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nISC reports:\n\nIf the server receives a DHCPv6 packet containing one or more\n\t Relay-Forward messages, and none of them supply an address in the\n\t Relay-Forward link-address field, then the server will crash. This\n\t can be used as a single packet crash attack vector.\n\n", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "0b7e233fdd7ea9a62e265c6bf445ab22a688919bf224d929fb4b914b06067edc", "hashmap": [{"hash": "7d4bd4aedbd925f231102655cf44c8fb", "key": "title"}, {"hash": "5f2511bdb0cb6cecae0154a425708b85", "key": "cvelist"}, {"hash": "40342a14e274ce504cb9c6aad7a6acea", "key": "description"}, {"hash": "d5ef807788b46f7db2a4c6c6693ce69c", "key": "href"}, {"hash": "a45c550a93cccf6da6778534855a3d3a", "key": "published"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "a45c550a93cccf6da6778534855a3d3a", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "2a4ac9c6397eb9ec5cf76e8d8cbb41d1", "key": "affectedPackage"}, {"hash": "988cd82879bd556b7c3d4b30c960fbe0", "key": "references"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/f154a3c7-f7f4-11df-b617-00e0815b8da8.html", "id": "F154A3C7-F7F4-11DF-B617-00E0815B8DA8", "lastseen": "2018-08-30T19:15:20", "modified": "2010-11-02T00:00:00", "objectVersion": "1.3", "published": "2010-11-02T00:00:00", "references": ["http://www.kb.cert.org/vuls/id/102047", "http://www.isc.org/software/dhcp/advisories/cve-2010-3611"], "reporter": "FreeBSD", "title": "isc-dhcp-server -- Empty link-address denial of service", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:15:20"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "isc-dhcp41-server", "packageVersion": "4.1.2"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "isc-dhcp41-server", "packageVersion": "4.1.0"}], "bulletinFamily": "unix", "cvelist": ["CVE-2010-3611"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "\nISC reports:\n\nIf the server receives a DHCPv6 packet containing one or more\n\t Relay-Forward messages, and none of them supply an address in the\n\t Relay-Forward link-address field, then the server will crash. This\n\t can be used as a single packet crash attack vector.\n\n", "edition": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2325ce59537fb41f64bf3177be1307b4eac4b457c92337af0a7a099dbca44028", "hashmap": [{"hash": "7d4bd4aedbd925f231102655cf44c8fb", "key": "title"}, {"hash": "5f2511bdb0cb6cecae0154a425708b85", "key": "cvelist"}, {"hash": "40342a14e274ce504cb9c6aad7a6acea", "key": "description"}, {"hash": "d5ef807788b46f7db2a4c6c6693ce69c", "key": "href"}, {"hash": "a45c550a93cccf6da6778534855a3d3a", "key": "published"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "a45c550a93cccf6da6778534855a3d3a", "key": "modified"}, {"hash": "3873c836ae45fd496c2b40bae50467ed", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "2a4ac9c6397eb9ec5cf76e8d8cbb41d1", "key": "affectedPackage"}, {"hash": "988cd82879bd556b7c3d4b30c960fbe0", "key": "references"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/f154a3c7-f7f4-11df-b617-00e0815b8da8.html", "id": "F154A3C7-F7F4-11DF-B617-00E0815B8DA8", "lastseen": "2016-09-26T17:24:47", "modified": "2010-11-02T00:00:00", "objectVersion": "1.2", "published": "2010-11-02T00:00:00", "references": ["http://www.kb.cert.org/vuls/id/102047", "http://www.isc.org/software/dhcp/advisories/cve-2010-3611"], "reporter": "FreeBSD", "title": "isc-dhcp-server -- Empty link-address denial of service", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2016-09-26T17:24:47"}], "edition": 3, "hashmap": [{"key": "affectedPackage", "hash": "2a4ac9c6397eb9ec5cf76e8d8cbb41d1"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "5f2511bdb0cb6cecae0154a425708b85"}, {"key": "cvss", "hash": "3873c836ae45fd496c2b40bae50467ed"}, {"key": "description", "hash": "40342a14e274ce504cb9c6aad7a6acea"}, {"key": "href", "hash": "d5ef807788b46f7db2a4c6c6693ce69c"}, {"key": "modified", "hash": "a45c550a93cccf6da6778534855a3d3a"}, {"key": "published", "hash": "a45c550a93cccf6da6778534855a3d3a"}, {"key": "references", "hash": "988cd82879bd556b7c3d4b30c960fbe0"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "7d4bd4aedbd925f231102655cf44c8fb"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "2325ce59537fb41f64bf3177be1307b4eac4b457c92337af0a7a099dbca44028", "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "isc-dhcp41-server", "packageVersion": "4.1.2"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "isc-dhcp41-server", "packageVersion": "4.1.0"}]}

{"cve": [{"lastseen": "2017-08-17T11:14:56", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html", "http://www.securityfocus.com/bid/44615", "http://www.vupen.com/english/advisories/2010/2879", "https://bugzilla.redhat.com/show_bug.cgi?id=649877", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:226", "http://www.vupen.com/english/advisories/2010/3092", "https://exchange.xforce.ibmcloud.com/vulnerabilities/62965", "http://www.kb.cert.org/vuls/id/102047", "http://www.redhat.com/support/errata/RHSA-2010-0923.html", "http://www.vupen.com/english/advisories/2010/3044", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html", "http://www.isc.org/software/dhcp/advisories/cve-2010-3611"], "description": "ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field.", "edition": 2, "reporter": "NVD", "published": "2010-11-04T14:00:02", "title": "CVE-2010-3611", "type": "cve", "enchantments": {"score": {"modified": "2017-08-17T11:14:56", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3611"], "scanner": [], "modified": "2017-08-16T21:33:00", "cpe": ["cpe:/a:isc:dhcp:4.2.0:a2", "cpe:/a:isc:dhcp:4.0", "cpe:/a:isc:dhcp:4.0.1", "cpe:/a:isc:dhcp:4.1.1:b3", "cpe:/a:isc:dhcp:4.0.1:rc1", "cpe:/a:isc:dhcp:4.2.0:b1", "cpe:/a:isc:dhcp:4.1.1:b1", "cpe:/a:isc:dhcp:4.2.0:a1", "cpe:/a:isc:dhcp:4.1.1:b2", "cpe:/a:isc:dhcp:4.2.0:rc1", "cpe:/a:isc:dhcp:4.1.1:rc1", "cpe:/a:isc:dhcp:4.2.0", "cpe:/a:isc:dhcp:4.0.0", "cpe:/a:isc:dhcp:4.1.1", "cpe:/a:isc:dhcp:4.1.0", "cpe:/a:isc:dhcp:4.0.1:b1", "cpe:/a:isc:dhcp:4.2.0:b2"], "id": "CVE-2010-3611", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3611", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:39", "references": ["https://vulners.com/securityvulns/securityvulns:doc:25120"], "description": "Crash on Relay-Forward packet with empty link-address field.", "edition": 1, "reporter": "BUGTRAQ", "published": "2010-11-10T00:00:00", "title": "ISC DHCP server DoS", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:39", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "dhcp", "version": "4.2", "operator": "eq"}, {"name": "dhcp", "version": "4.0", "operator": "eq"}, {"name": "dhcp", "version": "4.1", "operator": "eq"}], "cvelist": ["CVE-2010-3611"], "modified": "2010-11-10T00:00:00", "id": "SECURITYVULNS:VULN:11253", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11253", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:37", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:226\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : dhcp\r\n Date : November 10, 2010\r\n Affected: 2009.1, 2010.0, 2010.1\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability was discovered and corrected in ISC dhcp:\r\n \r\n ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before\r\n 4.2.0-P1 allows remote attackers to cause a denial of service &#40;crash&#41;\r\n via a DHCPv6 packet containing a Relay-Forward message without an\r\n address in the Relay-Forward link-address field &#40;CVE-2010-3611&#41;.\r\n \r\n The updated packages have been upgraded to 4.1.2 which is not\r\n vulnerable to this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3611\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.1:\r\n 8ded7998e798f54c031ffe45a0fb76f6 \r\n2009.1/i586/dhcp-client-4.1.2-0.1mdv2009.1.i586.rpm\r\n c8d3449949bdb12058f388310ac73ac0 \r\n2009.1/i586/dhcp-common-4.1.2-0.1mdv2009.1.i586.rpm\r\n dc075f58d11682203f51297c5b360c2c \r\n2009.1/i586/dhcp-devel-4.1.2-0.1mdv2009.1.i586.rpm\r\n 5ce2bbed0207c185cbe0170c6abdba5f 2009.1/i586/dhcp-doc-4.1.2-0.1mdv2009.1.i586.rpm\r\n 69f43ea4a05aedaaf809c8ccff68156c \r\n2009.1/i586/dhcp-relay-4.1.2-0.1mdv2009.1.i586.rpm\r\n 437ee9bccc54a45d6b1dd6eb23f39af9 \r\n2009.1/i586/dhcp-server-4.1.2-0.1mdv2009.1.i586.rpm \r\n 3c2da5a436f72de695cefd65b18cd547 2009.1/SRPMS/dhcp-4.1.2-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 77d56091ab3a3b90e1f92937e9bb6955 \r\n2009.1/x86_64/dhcp-client-4.1.2-0.1mdv2009.1.x86_64.rpm\r\n 13616a15ec6b187a8b1692194d66351a \r\n2009.1/x86_64/dhcp-common-4.1.2-0.1mdv2009.1.x86_64.rpm\r\n 0138ff116b25c9a9117f54a3a92f33c3 \r\n2009.1/x86_64/dhcp-devel-4.1.2-0.1mdv2009.1.x86_64.rpm\r\n 8574b0587437b62a14c812a2c7a33aba \r\n2009.1/x86_64/dhcp-doc-4.1.2-0.1mdv2009.1.x86_64.rpm\r\n d1ed416ea679bb4437e53f769ab1d68f \r\n2009.1/x86_64/dhcp-relay-4.1.2-0.1mdv2009.1.x86_64.rpm\r\n 64e10a176668bb778194ebd2d9d5a691 \r\n2009.1/x86_64/dhcp-server-4.1.2-0.1mdv2009.1.x86_64.rpm \r\n 3c2da5a436f72de695cefd65b18cd547 2009.1/SRPMS/dhcp-4.1.2-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n 903f10812f23512df8895d068eff3975 \r\n2010.0/i586/dhcp-client-4.1.2-0.1mdv2010.0.i586.rpm\r\n 915ccd834aea02f6f2063463d1cfffd5 \r\n2010.0/i586/dhcp-common-4.1.2-0.1mdv2010.0.i586.rpm\r\n 42a8c93e13370a2f52e7035dcfa73334 \r\n2010.0/i586/dhcp-devel-4.1.2-0.1mdv2010.0.i586.rpm\r\n 27d2e196a28e8221e90597d697a8bfdb 2010.0/i586/dhcp-doc-4.1.2-0.1mdv2010.0.i586.rpm\r\n cc27b55695952677b6f1edf37fa20517 \r\n2010.0/i586/dhcp-relay-4.1.2-0.1mdv2010.0.i586.rpm\r\n 8c3f88eeb112c3d25b892ebe6ae670b1 \r\n2010.0/i586/dhcp-server-4.1.2-0.1mdv2010.0.i586.rpm \r\n 4c67a5d3c889b878d8129d3dca4999c8 2010.0/SRPMS/dhcp-4.1.2-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 81d8694f3b3f8f129aac04ffbcd86cf1 \r\n2010.0/x86_64/dhcp-client-4.1.2-0.1mdv2010.0.x86_64.rpm\r\n 1ee211daf3292f281577a55dffcfab45 \r\n2010.0/x86_64/dhcp-common-4.1.2-0.1mdv2010.0.x86_64.rpm\r\n 42c5e9f44117f275dc7ae5b6b1a2a5a3 \r\n2010.0/x86_64/dhcp-devel-4.1.2-0.1mdv2010.0.x86_64.rpm\r\n 18c1acbc00ad3b96e13ff7cf499242c5 \r\n2010.0/x86_64/dhcp-doc-4.1.2-0.1mdv2010.0.x86_64.rpm\r\n ede58d17894f09d4caf94a7fa3db4476 \r\n2010.0/x86_64/dhcp-relay-4.1.2-0.1mdv2010.0.x86_64.rpm\r\n 1a578667e1225e8d1494682667965c7e \r\n2010.0/x86_64/dhcp-server-4.1.2-0.1mdv2010.0.x86_64.rpm \r\n 4c67a5d3c889b878d8129d3dca4999c8 2010.0/SRPMS/dhcp-4.1.2-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.1:\r\n d6f9ed6e9ae1cb22c7ea80cdeeaaeda1 \r\n2010.1/i586/dhcp-client-4.1.2-0.1mdv2010.1.i586.rpm\r\n 4320e7b882da1f57111d94925b48b6c3 \r\n2010.1/i586/dhcp-common-4.1.2-0.1mdv2010.1.i586.rpm\r\n 208448b7b346eaf6d30044a570427a45 \r\n2010.1/i586/dhcp-devel-4.1.2-0.1mdv2010.1.i586.rpm\r\n 54fcd61586984f825842a40ebeb17c54 2010.1/i586/dhcp-doc-4.1.2-0.1mdv2010.1.i586.rpm\r\n c859b4eb9f7b4a7f01fee0a0267b14f4 \r\n2010.1/i586/dhcp-relay-4.1.2-0.1mdv2010.1.i586.rpm\r\n 1e36ecc067937b23271d503f3a76e21e \r\n2010.1/i586/dhcp-server-4.1.2-0.1mdv2010.1.i586.rpm \r\n 24862cb48b62437378aadc11f95aaf22 2010.1/SRPMS/dhcp-4.1.2-0.1mdv2010.1.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n fb27e016fd9aa6222ad3c6a0f3081194 \r\n2010.1/x86_64/dhcp-client-4.1.2-0.1mdv2010.1.x86_64.rpm\r\n d9badcccc61aaedbc3ed65958f7d7cdc \r\n2010.1/x86_64/dhcp-common-4.1.2-0.1mdv2010.1.x86_64.rpm\r\n 5516227c03670cdcdc49e15435d1f604 \r\n2010.1/x86_64/dhcp-devel-4.1.2-0.1mdv2010.1.x86_64.rpm\r\n 8751bd29904fd1966df5c93c6c261482 \r\n2010.1/x86_64/dhcp-doc-4.1.2-0.1mdv2010.1.x86_64.rpm\r\n 01c4fe657f0b6b472b2981de5b0a0ad7 \r\n2010.1/x86_64/dhcp-relay-4.1.2-0.1mdv2010.1.x86_64.rpm\r\n 5e0a5c35f7bab109ecbeddf474496965 \r\n2010.1/x86_64/dhcp-server-4.1.2-0.1mdv2010.1.x86_64.rpm \r\n 24862cb48b62437378aadc11f95aaf22 2010.1/SRPMS/dhcp-4.1.2-0.1mdv2010.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFM2rWjmqjQ0CJFipgRAliCAKDCLltDs3aQoCbQoY8g8jJ+ZxMw5gCgkRgJ\r\nmIdAAYScJMwSiAY2lyJvARA=\r\n=eKH9\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2010-11-10T00:00:00", "title": "[ MDVSA-2010:226 ] dhcp", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:37", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3611"], "modified": "2010-11-10T00:00:00", "id": "SECURITYVULNS:DOC:25120", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25120", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:55:18", "references": ["http://www.nessus.org/u?0b181a42"], "pluginID": "60909", "description": "A NULL pointer dereference flaw was discovered in the way the dhcpd daemon parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd via a specially crafted DHCPv6 packet, if dhcpd was running as a DHCPv6 server. (CVE-2010-3611)\n\nAfter installing this update, all DHCP servers will be restarted automatically.", "edition": 4, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : dhcp on SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2014-08-16T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101130_DHCP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60909", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60909);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2014/08/16 19:42:09 $\");\n\n script_cve_id(\"CVE-2010-3611\");\n\n script_name(english:\"Scientific Linux Security Update : dhcp on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference flaw was discovered in the way the dhcpd\ndaemon parsed DHCPv6 packets. A remote attacker could use this flaw to\ncrash dhcpd via a specially crafted DHCPv6 packet, if dhcpd was\nrunning as a DHCPv6 server. (CVE-2010-3611)\n\nAfter installing this update, all DHCP servers will be restarted\nautomatically.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=4180\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b181a42\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dhclient, dhcp and / or dhcp-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"dhclient-4.1.1-12.P1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dhcp-4.1.1-12.P1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"dhcp-devel-4.1.1-12.P1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:03:51", "references": ["http://rhn.redhat.com/errata/RHSA-2010-0923.html", "https://www.redhat.com/security/data/cve/CVE-2010-3611.html"], "pluginID": "50850", "description": "Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks.\n\nA NULL pointer dereference flaw was discovered in the way the dhcpd daemon parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd via a specially crafted DHCPv6 packet, if dhcpd was running as a DHCPv6 server. (CVE-2010-3611)\n\nUsers running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue.\nAfter installing this update, all DHCP servers will be restarted automatically.", "edition": 6, "reporter": "Tenable", "published": "2010-12-01T00:00:00", "title": "RHEL 6 : dhcp (RHSA-2010:0923)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2018-07-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dhclient", "p-cpe:/a:redhat:enterprise_linux:dhcp-devel", "p-cpe:/a:redhat:enterprise_linux:dhcp-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0", "p-cpe:/a:redhat:enterprise_linux:dhcp"], "id": "REDHAT-RHSA-2010-0923.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50850", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0923. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50850);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/07/25 18:58:05\");\n\n script_cve_id(\"CVE-2010-3611\");\n script_bugtraq_id(44615);\n script_xref(name:\"RHSA\", value:\"2010:0923\");\n\n script_name(english:\"RHEL 6 : dhcp (RHSA-2010:0923)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dhcp packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address. DHCPv6 is the DHCP protocol version for IPv6\nnetworks.\n\nA NULL pointer dereference flaw was discovered in the way the dhcpd\ndaemon parsed DHCPv6 packets. A remote attacker could use this flaw to\ncrash dhcpd via a specially crafted DHCPv6 packet, if dhcpd was\nrunning as a DHCPv6 server. (CVE-2010-3611)\n\nUsers running dhcpd as a DHCPv6 server should upgrade to these updated\npackages, which contain a backported patch to correct this issue.\nAfter installing this update, all DHCP servers will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3611.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2010-0923.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0923\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"dhclient-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"dhclient-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"dhclient-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"dhcp-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"dhcp-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"dhcp-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"dhcp-debuginfo-4.1.1-12.P1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"dhcp-devel-4.1.1-12.P1.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-debuginfo / dhcp-devel\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:29", "references": [], "pluginID": "50558", "description": "A vulnerability was discovered and corrected in ISC dhcp :\n\nISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field (CVE-2010-3611).\n\nThe updated packages have been upgraded to 4.1.2 which is not vulnerable to this issue.", "edition": 5, "reporter": "Tenable", "published": "2010-11-11T00:00:00", "title": "Mandriva Linux Security Advisory : dhcp (MDVSA-2010:226)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dhcp-common", "p-cpe:/a:mandriva:linux:dhcp-devel", "p-cpe:/a:mandriva:linux:dhcp-server", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:dhcp-client", "p-cpe:/a:mandriva:linux:dhcp-doc", "p-cpe:/a:mandriva:linux:dhcp-relay"], "id": "MANDRIVA_MDVSA-2010-226.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50558", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:226. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50558);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/19 20:59:17\");\n\n script_cve_id(\"CVE-2010-3611\");\n script_bugtraq_id(44615);\n script_xref(name:\"MDVSA\", value:\"2010:226\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dhcp (MDVSA-2010:226)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and corrected in ISC dhcp :\n\nISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before\n4.2.0-P1 allows remote attackers to cause a denial of service (crash)\nvia a DHCPv6 packet containing a Relay-Forward message without an\naddress in the Relay-Forward link-address field (CVE-2010-3611).\n\nThe updated packages have been upgraded to 4.1.2 which is not\nvulnerable to this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-client-4.1.2-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-common-4.1.2-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-devel-4.1.2-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-doc-4.1.2-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-relay-4.1.2-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-server-4.1.2-0.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"dhcp-client-4.1.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dhcp-common-4.1.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dhcp-devel-4.1.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dhcp-doc-4.1.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dhcp-relay-4.1.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"dhcp-server-4.1.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"dhcp-client-4.1.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"dhcp-common-4.1.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"dhcp-devel-4.1.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"dhcp-doc-4.1.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"dhcp-relay-4.1.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"dhcp-server-4.1.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:35:12", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=650902"], "pluginID": "75463", "description": "ISC DHCP can be crashed with a single dhcpv6 packet. CVE-2010-3611 has been assigned to this issue. Additionally a dhcrelay crash when receiving packets on interfaces without assigned IPv4 address has been fixed as well as an infinite loop in dhcpd.", "edition": 4, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : dhcp (dhcp-3484)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-server", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_DHCP-101108.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75463", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update dhcp-3484.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75463);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/06/13 21:39:49 $\");\n\n script_cve_id(\"CVE-2010-3611\");\n\n script_name(english:\"openSUSE Security Update : dhcp (dhcp-3484)\");\n script_summary(english:\"Check for the dhcp-3484 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC DHCP can be crashed with a single dhcpv6 packet. CVE-2010-3611 has\nbeen assigned to this issue. Additionally a dhcrelay crash when\nreceiving packets on interfaces without assigned IPv4 address has been\nfixed as well as an infinite loop in dhcpd.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650902\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"dhcp-4.1.1.P1-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"dhcp-client-4.1.1.P1-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"dhcp-devel-4.1.1.P1-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"dhcp-relay-4.1.1.P1-4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"dhcp-server-4.1.1.P1-4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp / dhcp-client / dhcp-devel / dhcp-relay / dhcp-server\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:44:17", "references": ["http://www.nessus.org/u?d4b7a7a2", "http://www.isc.org/software/dhcp/advisories/cve-2010-3611"], "pluginID": "50815", "description": "ISC reports :\n\nIf the server receives a DHCPv6 packet containing one or more Relay-Forward messages, and none of them supply an address in the Relay-Forward link-address field, then the server will crash. This can be used as a single packet crash attack vector.", "edition": 4, "reporter": "Tenable", "published": "2010-11-28T00:00:00", "title": "FreeBSD : isc-dhcp-server -- Empty link-address denial of service (f154a3c7-f7f4-11df-b617-00e0815b8da8)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2013-06-22T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:isc-dhcp41-server"], "id": "FREEBSD_PKG_F154A3C7F7F411DFB61700E0815B8DA8.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50815", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50815);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2013/06/22 00:15:01 $\");\n\n script_cve_id(\"CVE-2010-3611\");\n script_xref(name:\"CERT\", value:\"102047\");\n\n script_name(english:\"FreeBSD : isc-dhcp-server -- Empty link-address denial of service (f154a3c7-f7f4-11df-b617-00e0815b8da8)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC reports :\n\nIf the server receives a DHCPv6 packet containing one or more\nRelay-Forward messages, and none of them supply an address in the\nRelay-Forward link-address field, then the server will crash. This can\nbe used as a single packet crash attack vector.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.isc.org/software/dhcp/advisories/cve-2010-3611\"\n );\n # http://www.freebsd.org/ports/portaudit/f154a3c7-f7f4-11df-b617-00e0815b8da8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4b7a7a2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:isc-dhcp41-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"isc-dhcp41-server>=4.1.0<4.1.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:10", "references": ["http://www.nessus.org/u?78f56165", "https://bugzilla.redhat.com/show_bug.cgi?id=649877"], "pluginID": "50592", "description": "- Fri Nov 5 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-14.P1\n\n - fix broken dependencies\n\n - Thu Nov 4 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-13.P1\n\n - 4.2.0-P1: fix for CVE-2010-3611 (#649880)\n\n - dhclient-script: when updating 'search' statement in resolv.conf, add domain part of hostname if it's not already there (#637763)\n\n - Wed Oct 13 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-12\n\n - Server was ignoring client's Solicit (where client included address/prefix as a preference) (#634842)\n\n - Thu Oct 7 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-11\n\n - Use ping instead of arping in dhclient-script to handle not-on-local-net gateway in ARP-less device (#524298)\n\n - Thu Oct 7 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-10\n\n - Check whether there is any unexpired address in previous lease prior to confirming (INIT-REBOOT) the lease (#585418)\n\n - Mon Oct 4 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-9\n\n - RFC 3442 - ignore Router option only if Classless Static Routes option contains default router\n\n - Thu Sep 30 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-8\n\n - Explicitly clear the ARP cache and flush all addresses & routes instead of bringing the interface down (#574568)\n\n - Tue Sep 7 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.0-7\n\n - Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2010-11-15T00:00:00", "title": "Fedora 14 : dhcp-4.2.0-14.P1.fc14 (2010-17312)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2016-05-11T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:dhcp"], "id": "FEDORA_2010-17312.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50592", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-17312.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50592);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/05/11 13:24:18 $\");\n\n script_cve_id(\"CVE-2010-3611\");\n script_bugtraq_id(44615);\n script_xref(name:\"FEDORA\", value:\"2010-17312\");\n\n script_name(english:\"Fedora 14 : dhcp-4.2.0-14.P1.fc14 (2010-17312)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Nov 5 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-14.P1\n\n - fix broken dependencies\n\n - Thu Nov 4 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-13.P1\n\n - 4.2.0-P1: fix for CVE-2010-3611 (#649880)\n\n - dhclient-script: when updating 'search' statement in\n resolv.conf, add domain part of hostname if it's not\n already there (#637763)\n\n - Wed Oct 13 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-12\n\n - Server was ignoring client's Solicit (where client\n included address/prefix as a preference) (#634842)\n\n - Thu Oct 7 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-11\n\n - Use ping instead of arping in dhclient-script to\n handle not-on-local-net gateway in ARP-less device\n (#524298)\n\n - Thu Oct 7 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-10\n\n - Check whether there is any unexpired address in\n previous lease prior to confirming (INIT-REBOOT) the\n lease (#585418)\n\n - Mon Oct 4 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-9\n\n - RFC 3442 - ignore Router option only if Classless\n Static Routes option contains default router\n\n - Thu Sep 30 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-8\n\n - Explicitly clear the ARP cache and flush all addresses\n & routes instead of bringing the interface down\n (#574568)\n\n - Tue Sep 7 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.2.0-7\n\n - Hardening dhcpd/dhcrelay/dhclient by making them PIE &\n RELRO\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649877\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78f56165\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"dhcp-4.2.0-14.P1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:24", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=649877", "http://www.nessus.org/u?05939a43"], "pluginID": "50682", "description": "- Thu Nov 4 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-27.P1\n\n - Fix for CVE-2010-3611 (#649880)\n\n - Wed Oct 13 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-26.P1\n\n - Server was ignoring client's Solicit (where client included address/prefix as a preference) (#634842)\n\n - Tue Sep 7 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-25.P1\n\n - Hardening dhcpd/dhcrelay/dhclient by making them PIE & RELRO\n\n - Fri Aug 20 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-24.P1\n\n - Add DHCRELAYARGS variable to /etc/sysconfig/dhcrelay\n\n - Tue Jun 29 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-23.P1\n\n - Fix parsing of date (#514828)\n\n - Thu Jun 3 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-22.P1\n\n - 4.1.1-P1 (pair of bug fixes including one for a security related bug).\n\n - Fix for CVE-2010-2156 (#601405)\n\n - Compile with -fno-strict-aliasing\n\n - N-V-R (copied from bind.spec):\n Name-Version-Release.Patch.dist\n\n - Mon May 3 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-21\n\n - Fix the initialization-delay.patch (#587070)\n\n - Thu Apr 29 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-20\n\n - Cut down the 0-4 second delay before sending first DHCPDISCOVER (#587070)\n\n - Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-19\n\n - Move /etc/NetworkManager/dispatcher.d/10-dhclient script from dhcp to dhclient subpackage (#586999).\n\n - Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-18\n\n - Add domain-search to the list of default requested DHCP options (#586906)\n\n - Wed Apr 21 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-17\n\n - If the Reply was received in response to Renew or Rebind message, client adds any new addresses in the IA option to the IA (#578097)\n\n - Mon Apr 19 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-16\n\n - Fill in Elapsed Time Option in Release/Decline messages (#582939)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-11-23T00:00:00", "title": "Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:dhcp"], "id": "FEDORA_2010-17303.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50682", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-17303.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50682);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/12 15:01:51\");\n\n script_cve_id(\"CVE-2010-3611\");\n script_bugtraq_id(44615);\n script_xref(name:\"FEDORA\", value:\"2010-17303\");\n\n script_name(english:\"Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Nov 4 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.1.1-27.P1\n\n - Fix for CVE-2010-3611 (#649880)\n\n - Wed Oct 13 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-26.P1\n\n - Server was ignoring client's Solicit (where client\n included address/prefix as a preference) (#634842)\n\n - Tue Sep 7 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.1.1-25.P1\n\n - Hardening dhcpd/dhcrelay/dhclient by making them PIE &\n RELRO\n\n - Fri Aug 20 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-24.P1\n\n - Add DHCRELAYARGS variable to /etc/sysconfig/dhcrelay\n\n - Tue Jun 29 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-23.P1\n\n - Fix parsing of date (#514828)\n\n - Thu Jun 3 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.1.1-22.P1\n\n - 4.1.1-P1 (pair of bug fixes including one for a\n security related bug).\n\n - Fix for CVE-2010-2156 (#601405)\n\n - Compile with -fno-strict-aliasing\n\n - N-V-R (copied from bind.spec):\n Name-Version-Release.Patch.dist\n\n - Mon May 3 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.1.1-21\n\n - Fix the initialization-delay.patch (#587070)\n\n - Thu Apr 29 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-20\n\n - Cut down the 0-4 second delay before sending first\n DHCPDISCOVER (#587070)\n\n - Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-19\n\n - Move /etc/NetworkManager/dispatcher.d/10-dhclient\n script from dhcp to dhclient subpackage (#586999).\n\n - Wed Apr 28 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.1.1-18\n\n - Add domain-search to the list of default requested\n DHCP options (#586906)\n\n - Wed Apr 21 2010 Jiri Popelka <jpopelka at redhat.com>\n - 12:4.1.1-17\n\n - If the Reply was received in response to Renew or\n Rebind message, client adds any new addresses in the\n IA option to the IA (#578097)\n\n - Mon Apr 19 2010 Jiri Popelka <jpopelka at redhat.com> -\n 12:4.1.1-16\n\n - Fill in Elapsed Time Option in Release/Decline\n messages (#582939)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649877\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05939a43\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"dhcp-4.1.1-27.P1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:37:44", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001843.html"], "pluginID": "68151", "description": "From Red Hat Security Advisory 2010:0923 :\n\nUpdated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks.\n\nA NULL pointer dereference flaw was discovered in the way the dhcpd daemon parsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd via a specially crafted DHCPv6 packet, if dhcpd was running as a DHCPv6 server. (CVE-2010-3611)\n\nUsers running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue.\nAfter installing this update, all DHCP servers will be restarted automatically.", "edition": 5, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : dhcp (ELSA-2010-0923)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:dhcp", "p-cpe:/a:oracle:linux:dhclient", "p-cpe:/a:oracle:linux:dhcp-devel"], "id": "ORACLELINUX_ELSA-2010-0923.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68151", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0923 and \n# Oracle Linux Security Advisory ELSA-2010-0923 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68151);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2010-3611\");\n script_bugtraq_id(44615);\n script_xref(name:\"RHSA\", value:\"2010:0923\");\n\n script_name(english:\"Oracle Linux 6 : dhcp (ELSA-2010-0923)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0923 :\n\nUpdated dhcp packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address. DHCPv6 is the DHCP protocol version for IPv6\nnetworks.\n\nA NULL pointer dereference flaw was discovered in the way the dhcpd\ndaemon parsed DHCPv6 packets. A remote attacker could use this flaw to\ncrash dhcpd via a specially crafted DHCPv6 packet, if dhcpd was\nrunning as a DHCPv6 server. (CVE-2010-3611)\n\nUsers running dhcpd as a DHCPv6 server should upgrade to these updated\npackages, which contain a backported patch to correct this issue.\nAfter installing this update, all DHCP servers will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001843.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"dhclient-4.1.1-12.P1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"dhcp-4.1.1-12.P1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"dhcp-devel-4.1.1-12.P1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-devel\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-02T00:04:38", "references": [], "pluginID": "136141256231068699", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 3, "reporter": "Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com", "published": "2011-01-24T00:00:00", "title": "FreeBSD Ports: isc-dhcp41-server", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231068699", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068699", "sourceData": "#\n#VID f154a3c7-f7f4-11df-b617-00e0815b8da8\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID f154a3c7-f7f4-11df-b617-00e0815b8da8\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: isc-dhcp41-server\n\nCVE-2010-3611\nISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before\n4.2.0-P1 allows remote attackers to cause a denial of service (NULL\npointer dereference and crash) via a DHCPv6 packet containing a\nRelay-Forward message without an address in the Relay-Forward\nlink-address field.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.isc.org/software/dhcp/advisories/cve-2010-3611\nhttp://www.kb.cert.org/vuls/id/102047\nhttp://www.vuxml.org/freebsd/f154a3c7-f7f4-11df-b617-00e0815b8da8.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68699\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3611\");\n script_name(\"FreeBSD Ports: isc-dhcp41-server\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"isc-dhcp41-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.1.0\")>=0 && revcomp(a:bver, b:\"4.1.2\")<0) {\n txt += 'Package isc-dhcp41-server version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:03", "references": ["http://linux.oracle.com/errata/ELSA-2010-0923.html"], "pluginID": "1361412562310122248", "description": "Oracle Linux Local Security Checks ELSA-2010-0923", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2010-0923", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:1361412562310122248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122248", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2010-0923.nasl 6555 2017-07-06 11:54:09Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.122248\");\nscript_version(\"$Revision: 6555 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:15:26 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:54:09 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2010-0923\");\nscript_tag(name: \"insight\", value: \"ELSA-2010-0923 - dhcp security update - [12:4.1.1-12.P1.1]- CVE-2010-3611: NULL pointer dereference crash via crafted DHCPv6 packet (#651913)\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2010-0923\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2010-0923.html\");\nscript_cve_id(\"CVE-2010-3611\");\nscript_tag(name:\"cvss_base\", value:\"4.3\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.1.1~12.P1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.1~12.P1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.1~12.P1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:59", "references": ["2010-17312", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html"], "pluginID": "1361412562310862601", "description": "Check for the Version of dhcp", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for dhcp FEDORA-2010-17312", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2017-12-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862601", "id": "OPENVAS:1361412562310862601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-17312\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862601\");\n script_version(\"$Revision: 8187 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 08:30:09 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-17312\");\n script_cve_id(\"CVE-2010-3611\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-17312\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.0~14.P1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:04:45", "references": ["2010:226", "http://lists.mandriva.com/security-announce/2010-11/msg00013.php"], "pluginID": "1361412562310831239", "description": "Check for the Version of dhcp", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "type": "openvas", "title": "Mandriva Update for dhcp MDVSA-2010:226 (dhcp)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2018-01-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831239", "id": "OPENVAS:1361412562310831239", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for dhcp MDVSA-2010:226 (dhcp)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered and corrected in ISC dhcp:\n\n ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before\n 4.2.0-P1 allows remote attackers to cause a denial of service (crash)\n via a DHCPv6 packet containing a Relay-Forward message without an\n address in the Relay-Forward link-address field (CVE-2010-3611).\n \n The updated packages have been upgraded to 4.1.2 which is not\n vulnerable to this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00013.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831239\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:226\");\n script_cve_id(\"CVE-2010-3611\");\n script_name(\"Mandriva Update for dhcp MDVSA-2010:226 (dhcp)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:34", "references": [], "pluginID": "68699", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com", "published": "2011-01-24T00:00:00", "title": "FreeBSD Ports: isc-dhcp41-server", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2017-02-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=68699", "id": "OPENVAS:68699", "sourceData": "#\n#VID f154a3c7-f7f4-11df-b617-00e0815b8da8\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID f154a3c7-f7f4-11df-b617-00e0815b8da8\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: isc-dhcp41-server\n\nCVE-2010-3611\nISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before\n4.2.0-P1 allows remote attackers to cause a denial of service (NULL\npointer dereference and crash) via a DHCPv6 packet containing a\nRelay-Forward message without an address in the Relay-Forward\nlink-address field.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.isc.org/software/dhcp/advisories/cve-2010-3611\nhttp://www.kb.cert.org/vuls/id/102047\nhttp://www.vuxml.org/freebsd/f154a3c7-f7f4-11df-b617-00e0815b8da8.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(68699);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3611\");\n script_name(\"FreeBSD Ports: isc-dhcp41-server\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"isc-dhcp41-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.1.0\")>=0 && revcomp(a:bver, b:\"4.1.2\")<0) {\n txt += 'Package isc-dhcp41-server version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:40", "references": ["2010:226", "http://lists.mandriva.com/security-announce/2010-11/msg00013.php"], "pluginID": "831239", "description": "Check for the Version of dhcp", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mandriva Update for dhcp MDVSA-2010:226 (dhcp)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2017-12-21T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831239", "id": "OPENVAS:831239", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for dhcp MDVSA-2010:226 (dhcp)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered and corrected in ISC dhcp:\n\n ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before\n 4.2.0-P1 allows remote attackers to cause a denial of service (crash)\n via a DHCPv6 packet containing a Relay-Forward message without an\n address in the Relay-Forward link-address field (CVE-2010-3611).\n \n The updated packages have been upgraded to 4.1.2 which is not\n vulnerable to this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00013.php\");\n script_id(831239);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:226\");\n script_cve_id(\"CVE-2010-3611\");\n script_name(\"Mandriva Update for dhcp MDVSA-2010:226 (dhcp)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.2~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:11:06", "references": ["2010-17312", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html"], "pluginID": "862601", "description": "Check for the Version of dhcp", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-02T00:00:00", "title": "Fedora Update for dhcp FEDORA-2010-17312", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3611"], "modified": "2017-12-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862601", "id": "OPENVAS:862601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-17312\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050766.html\");\n script_id(862601);\n script_version(\"$Revision: 8068 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-11 07:31:34 +0100 (Mon, 11 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-17312\");\n script_cve_id(\"CVE-2010-3611\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-17312\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.0~14.P1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:58:31", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html", "2010-17303"], "pluginID": "862571", "description": "Check for the Version of dhcp", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-23T00:00:00", "title": "Fedora Update for dhcp FEDORA-2010-17303", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2156", "CVE-2010-3611"], "modified": "2017-12-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862571", "id": "OPENVAS:862571", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-17303\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051287.html\");\n script_id(862571);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-17303\");\n script_cve_id(\"CVE-2010-3611\", \"CVE-2010-2156\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-17303\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.1~27.P1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:11:00", "references": ["2010-18856", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052329.html"], "pluginID": "862735", "description": "Check for the Version of dhcp", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for dhcp FEDORA-2010-18856", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3616", "CVE-2010-3611"], "modified": "2017-12-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862735", "id": "OPENVAS:862735", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-18856\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052329.html\");\n script_id(862735);\n script_version(\"$Revision: 8037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 07:32:03 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18856\");\n script_cve_id(\"CVE-2010-3616\", \"CVE-2010-3611\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-18856\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.0~16.P2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-20T13:18:08", "references": ["2010-18856", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052329.html"], "pluginID": "1361412562310862735", "description": "Check for the Version of dhcp", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for dhcp FEDORA-2010-18856", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3616", "CVE-2010-3611"], "modified": "2017-12-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862735", "id": "OPENVAS:1361412562310862735", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-18856\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052329.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862735\");\n script_version(\"$Revision: 8168 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 08:30:15 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18856\");\n script_cve_id(\"CVE-2010-3616\", \"CVE-2010-3611\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-18856\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.0~16.P2.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:42:07", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageFilename": "dhclient-4.1.1-12.P1.el6_0.1.i686.rpm", "packageName": "dhclient", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm", "packageName": "dhcp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm", "packageName": "dhcp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageFilename": "dhclient-4.1.1-12.P1.el6_0.1.x86_64.rpm", "packageName": "dhclient", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.x86_64.rpm", "packageName": "dhcp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.x86_64.rpm", "packageName": "dhcp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "src", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.src.rpm", "packageName": "dhcp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "src", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.src.rpm", "packageName": "dhcp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.i686.rpm", "packageName": "dhcp", "operator": "lt"}], "description": "[12:4.1.1-12.P1.1]\n- CVE-2010-3611: NULL pointer dereference crash via crafted DHCPv6 packet (#651913)", "edition": 3, "reporter": "Oracle", "published": "2011-02-10T00:00:00", "title": "dhcp security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3611"], "modified": "2011-02-10T00:00:00", "id": "ELSA-2010-0923", "href": "http://linux.oracle.com/errata/ELSA-2010-0923.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-06-12T21:09:44", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageName": "dhcp-debuginfo", "packageFilename": "dhcp-debuginfo-4.1.1-12.P1.el6_0.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "src", "packageName": "dhcp", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageName": "dhcp-debuginfo", "packageFilename": "dhcp-debuginfo-4.1.1-12.P1.el6_0.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageName": "dhcp", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageName": "dhcp-devel", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageName": "dhcp", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageName": "dhcp-devel", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "i686", "packageName": "dhclient", "packageFilename": "dhclient-4.1.1-12.P1.el6_0.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "x86_64", "packageName": "dhclient", "packageFilename": "dhclient-4.1.1-12.P1.el6_0.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "ppc64", "packageName": "dhcp-debuginfo", "packageFilename": "dhcp-debuginfo-4.1.1-12.P1.el6_0.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "ppc", "packageName": "dhcp-debuginfo", "packageFilename": "dhcp-debuginfo-4.1.1-12.P1.el6_0.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "ppc", "packageName": "dhcp-devel", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "ppc64", "packageName": "dhcp-devel", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "ppc64", "packageName": "dhclient", "packageFilename": "dhclient-4.1.1-12.P1.el6_0.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "ppc64", "packageName": "dhcp", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "s390x", "packageName": "dhcp-debuginfo", "packageFilename": "dhcp-debuginfo-4.1.1-12.P1.el6_0.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "s390", "packageName": "dhcp-debuginfo", "packageFilename": "dhcp-debuginfo-4.1.1-12.P1.el6_0.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "s390", "packageName": "dhcp-devel", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "s390x", "packageName": "dhcp-devel", "packageFilename": "dhcp-devel-4.1.1-12.P1.el6_0.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "s390x", "packageName": "dhclient", "packageFilename": "dhclient-4.1.1-12.P1.el6_0.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "4.1.1-12.P1.el6_0.1", "arch": "s390x", "packageName": "dhcp", "packageFilename": "dhcp-4.1.1-12.P1.el6_0.1.s390x.rpm", "operator": "lt"}], "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress. DHCPv6 is the DHCP protocol version for IPv6 networks.\n\nA NULL pointer dereference flaw was discovered in the way the dhcpd daemon\nparsed DHCPv6 packets. A remote attacker could use this flaw to crash dhcpd\nvia a specially-crafted DHCPv6 packet, if dhcpd was running as a DHCPv6\nserver. (CVE-2010-3611)\n\nUsers running dhcpd as a DHCPv6 server should upgrade to these updated\npackages, which contain a backported patch to correct this issue. After\ninstalling this update, all DHCP servers will be restarted automatically.\n", "reporter": "RedHat", "published": "2010-11-30T05:00:00", "type": "redhat", "title": "(RHSA-2010:0923) Moderate: dhcp security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3611"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:32", "id": "RHSA-2010:0923", "href": "https://access.redhat.com/errata/RHSA-2010:0923", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}