Lucene search
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2011-1819.NASLHistoryDec 23, 2011 - 12:00 a.m.
CentOS 6 : dhcp (CESA-2011:1819)
2011-12-2300:00:00
This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.
A denial of service flaw was found in the way the dhcpd daemon handled DHCP request packets when regular expression matching was used in ‘/etc/dhcp/dhcpd.conf’. A remote attacker could use this flaw to crash dhcpd. (CVE-2011-4539)
Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2011:1819 and
# CentOS Errata and Security Advisory 2011:1819 respectively.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(57380);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2011-4539");
script_bugtraq_id(50971);
script_xref(name:"RHSA", value:"2011:1819");
script_name(english:"CentOS 6 : dhcp (CESA-2011:1819)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote CentOS host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated dhcp packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.
The Dynamic Host Configuration Protocol (DHCP) is a protocol that
allows individual devices on an IP network to get their own network
configuration information, including an IP address, a subnet mask, and
a broadcast address.
A denial of service flaw was found in the way the dhcpd daemon handled
DHCP request packets when regular expression matching was used in
'/etc/dhcp/dhcpd.conf'. A remote attacker could use this flaw to crash
dhcpd. (CVE-2011-4539)
Users of DHCP should upgrade to these updated packages, which contain
a backported patch to correct this issue. After installing this
update, all DHCP servers will be restarted automatically."
);
# https://lists.centos.org/pipermail/centos-announce/2011-December/018339.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?48c2183d"
);
script_set_attribute(attribute:"solution", value:"Update the affected dhcp packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:dhclient");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:dhcp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:dhcp-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:dhcp-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/12/08");
script_set_attribute(attribute:"patch_publication_date", value:"2011/12/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/12/23");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CentOS Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver);
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-6", reference:"dhclient-4.1.1-25.P1.el6_2.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"dhcp-4.1.1-25.P1.el6_2.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"dhcp-common-4.1.1-25.P1.el6_2.1")) flag++;
if (rpm_check(release:"CentOS-6", reference:"dhcp-devel-4.1.1-25.P1.el6_2.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dhclient / dhcp / dhcp-common / dhcp-devel");
}
Related
redhat
redhat
(RHSA-2011:1819) Moderate: dhcp security update
2011-12-14 00:00:00
(RHSA-2011:1850) Important: rhev-hypervisor6 security and bug fix update
2011-12-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:07:23
openvas
openvas
Ubuntu: Security Advisory (USN-1309-1)
2011-12-16 00:00:00
CentOS Update for dhclient CESA-2011:1819 centos6
2012-07-30 00:00:00
RedHat Update for dhcp RHSA-2011:1819-01
2012-07-09 00:00:00
cvelist
cvelist
CVE-2011-4539
2011-12-08 11:00:00
nessus
nessus
RHEL 6 : dhcp (RHSA-2011:1819)
2011-12-15 00:00:00
Oracle Solaris Third-Party Patch Update : isc-dhcp (cve_2011_4539_denial_of)
2015-01-19 00:00:00
debiancve
debiancve
CVE-2011-4539
2011-12-08 11:55:00
freebsd
freebsd
isc-dhcp-server -- Remote DoS
2011-12-07 00:00:00
cve
cve
CVE-2011-4539
2011-12-08 11:55:00
securityvulns
securityvulns
ISC DHCP DoS
2011-12-11 00:00:00
amazon
amazon
Medium: dhcp
2012-01-05 20:58:00
fedora
fedora
[SECURITY] Fedora 16 Update: dhcp-4.2.3-4.P1.fc16
2011-12-14 23:32:30
[SECURITY] Fedora 16 Update: dhcp-4.2.3-5.P2.fc16
2012-01-22 05:25:38
[SECURITY] Fedora 15 Update: dhcp-4.2.1-14.P1.fc15
2012-01-02 21:49:27
prion
prion
Design/Logic Flaw
2011-12-08 11:55:00
ubuntucve
ubuntucve
CVE-2011-4539
2011-12-08 00:00:00
oraclelinux
oraclelinux
dhcp security update
2011-12-16 00:00:00
ubuntu
ubuntu
DHCP vulnerability
2011-12-15 00:00:00
centos
centos
dhclient, dhcp security update
2011-12-22 15:44:59
osv
osv
isc-dhcp - denial of service
2012-08-04 00:00:00
isc-dhcp - denial of service
2012-08-04 00:00:00
debian
debian
[SECURITY] [DSA 2519-1] isc-dhcp security update
2012-08-01 18:34:43
[SECURITY] [DSA 2519-2] isc-dhcp regression
2012-08-04 11:11:14
slackware
slackware
[slackware-security] dhcp
2012-08-24 22:54:35
gentoo
gentoo
ISC DHCP: Denial of service
2013-01-09 00:00:00
Related for CENTOS_RHSA-2011-1819.NASL