{"id": "NEWSTART_CGSL_NS-SA-2019-0190_DHCP.NASL", "bulletinFamily": "scanner", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : dhcp Vulnerability (NS-SA-2019-0190)", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dhcp packages installed that are affected by a\nvulnerability: Note that Nessus has not tested for this issue but has instead relied only on the application's self-\nreported version number.", "published": "2019-10-15T00:00:00", "modified": "2019-10-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/129934", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://security.gd-linux.com/notice/NS-SA-2019-0190"], "cvelist": ["CVE-2019-6470"], "type": "nessus", "lastseen": "2021-01-17T12:05:02", "edition": 17, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-6470"]}, {"type": "f5", "idList": ["F5:K39573942"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220192336", "OPENVAS:1361412562311220201267", "OPENVAS:1361412562311220201204", "OPENVAS:1361412562311220192137", "OPENVAS:1361412562311220201273", "OPENVAS:1361412562310852803", "OPENVAS:1361412562311220191826", "OPENVAS:1361412562310852743", "OPENVAS:1361412562311220192568", "OPENVAS:1361412562310844003"]}, {"type": "centos", "idList": ["CESA-2019:2060"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2060", "ELSA-2019-3525"]}, {"type": "ubuntu", "idList": ["USN-3973-1"]}, {"type": "redhat", "idList": ["RHSA-2019:3525", "RHSA-2019:2060"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2340-1", "OPENSUSE-SU-2019:2341-1"]}, {"type": "amazon", "idList": ["ALAS2-2019-1346"]}, {"type": "nessus", "idList": ["SL_20190806_DHCP_ON_SL7_X.NASL", "AL2_ALAS-2019-1346.NASL", "PHOTONOS_PHSA-2020-3_0-0063_BINDUTILS.NASL", "OPENSUSE-2019-2340.NASL", "OPENSUSE-2019-2341.NASL", "EULEROS_SA-2019-2568.NASL", "EULEROS_SA-2019-2500.NASL", "ISC_DHCP_CVE-2019-6470.NASL", "EULEROS_SA-2020-1267.NASL", "EULEROS_SA-2019-2137.NASL"]}], "modified": "2021-01-17T12:05:02", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": "2021-01-17T12:05:02", "rev": 2}, "vulnersScore": 6.5}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0190. The text\n# itself is copyright (C) ZTE, Inc.\n\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129934);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : dhcp Vulnerability (NS-SA-2019-0190)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dhcp packages installed that are affected by a\nvulnerability: Note that Nessus has not tested for this issue but has instead relied only on the application's self-\nreported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0190\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL dhcp packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6470\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"dhclient-4.2.5-77.el7.centos\",\n \"dhcp-4.2.5-77.el7.centos\",\n \"dhcp-common-4.2.5-77.el7.centos\",\n \"dhcp-debuginfo-4.2.5-77.el7.centos\",\n \"dhcp-devel-4.2.5-77.el7.centos\",\n \"dhcp-libs-4.2.5-77.el7.centos\"\n ],\n \"CGSL MAIN 5.04\": [\n \"dhclient-4.2.5-77.el7.centos\",\n \"dhcp-4.2.5-77.el7.centos\",\n \"dhcp-common-4.2.5-77.el7.centos\",\n \"dhcp-debuginfo-4.2.5-77.el7.centos\",\n \"dhcp-devel-4.2.5-77.el7.centos\",\n \"dhcp-libs-4.2.5-77.el7.centos\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "naslFamily": "NewStart CGSL Local Security Checks", "pluginID": "129934", "cpe": [], "scheme": null, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}

{"cve": [{"lastseen": "2020-12-09T21:41:55", "description": "There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-01T23:15:00", "title": "CVE-2019-6470", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6470"], "modified": "2019-11-06T21:52:00", "cpe": ["cpe:/o:opensuse:leap:15.0", "cpe:/a:isc:bind:*", "cpe:/o:opensuse:leap:15.1", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0"], "id": "CVE-2019-6470", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6470", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:39:45", "bulletinFamily": "software", "cvelist": ["CVE-2019-6470"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2019-11-15T21:08:00", "published": "2019-09-04T19:41:00", "id": "F5:K39573942", "href": "https://support.f5.com/csp/article/K39573942", "title": "DHCP vulnerability CVE-2019-6470", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-01-31T16:27:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852803", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852803", "type": "openvas", "title": "openSUSE: Security Advisory for dhcp (openSUSE-SU-2019:2341-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852803\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:31:47 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for dhcp (openSUSE-SU-2019:2341-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2341-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dhcp'\n package(s) announced via the openSUSE-SU-2019:2341-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for dhcp fixes the following issues:\n\n Secuirty issue fixed:\n\n - CVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\n Bug fixes:\n\n - Add compile option --enable-secs-byteorder to avoid duplicate lease\n warnings (bsc#1089524).\n\n - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6 (bsc#1136572).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2341=1\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-client-debuginfo\", rpm:\"dhcp-client-debuginfo~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-debugsource\", rpm:\"dhcp-debugsource~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-relay-debuginfo\", rpm:\"dhcp-relay-debuginfo~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-server-debuginfo\", rpm:\"dhcp-server-debuginfo~4.3.5~lp151.6.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-23T14:51:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-19T00:00:00", "published": "2020-03-19T00:00:00", "id": "OPENVAS:1361412562311220201273", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201273", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2020-1273)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1273\");\n script_version(\"2020-03-19T13:43:23+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-19 13:43:23 +0000 (Thu, 19 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-19 13:43:23 +0000 (Thu, 19 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2020-1273)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1273\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1273\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2020-1273 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-23T14:58:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-19T00:00:00", "published": "2020-03-19T00:00:00", "id": "OPENVAS:1361412562311220201267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201267", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp-noddns (EulerOS-SA-2020-1267)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1267\");\n script_version(\"2020-03-19T13:43:01+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-19 13:43:01 +0000 (Thu, 19 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-19 13:43:01 +0000 (Thu, 19 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp-noddns (EulerOS-SA-2020-1267)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1267\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1267\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp-noddns' package(s) announced via the EulerOS-SA-2020-1267 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp-noddns' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhclient-noddns\", rpm:\"dhclient-noddns~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-noddns\", rpm:\"dhcp-noddns~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-noddns-common\", rpm:\"dhcp-noddns-common~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-noddns-libs\", rpm:\"dhcp-noddns-libs~4.2.5~68.1.h12\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-14T16:47:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-13T00:00:00", "published": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201204", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201204", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2020-1204)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1204\");\n script_version(\"2020-03-13T07:14:03+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:14:03 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:14:03 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2020-1204)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1204\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1204\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2020-1204 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.2.5~68.1.h12\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.5~68.1.h12\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.2.5~68.1.h12\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.2.5~68.1.h12\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:40:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192568", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192568", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2568)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2568\");\n script_version(\"2020-01-23T13:06:37+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:06:37 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:06:37 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2568)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2568\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2568\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2019-2568 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192137", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192137", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2137)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2137\");\n script_version(\"2020-01-23T12:36:00+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:36:00 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:36:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2137)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2137\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2137\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2019-2137 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.2.5~68.1.h12.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.5~68.1.h12.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.2.5~68.1.h12.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.2.5~68.1.h12.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191826", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-1826)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1826\");\n script_version(\"2020-01-23T12:23:57+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:23:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:23:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-1826)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1826\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1826\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2019-1826 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS (CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.3.6~28.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.3.6~28.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.3.6~28.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.3.6~28.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.3.6~28.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-08T14:19:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the\n ", "modified": "2019-11-08T00:00:00", "published": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310844003", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844003", "type": "openvas", "title": "Ubuntu Update for isc-dhcp USN-3973-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844003\");\n script_version(\"2019-11-08T08:01:14+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-11-08 08:01:14 +0000 (Fri, 08 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-14 02:00:46 +0000 (Tue, 14 May 2019)\");\n script_name(\"Ubuntu Update for isc-dhcp USN-3973-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU18\\.10)\");\n\n script_xref(name:\"USN\", value:\"3973-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3973-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'isc-dhcp' package(s) announced via the USN-3973-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that DHCP, when built with\n a mismatched external BIND library, incorrectly handled certain memory operations.\n A remote attacker could possibly use this issue to cause DHCP to crash, resulting\n in a denial of service.\");\n\n script_tag(name:\"affected\", value:\"'isc-dhcp' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"isc-dhcp-server\", ver:\"4.3.5-3ubuntu7.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"isc-dhcp-server\", ver:\"4.3.5-3ubuntu9.1\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:39:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192500", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192500", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2500)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2500\");\n script_version(\"2020-01-23T13:01:49+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:01:49 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:01:49 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2500)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2500\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2500\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2019-2500 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.2.5~68.1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:39:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192336", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2336)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2336\");\n script_version(\"2020-01-23T12:47:29+0000\");\n script_cve_id(\"CVE-2019-6470\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:47:29 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:47:29 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2336)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.3\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2336\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2336\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'dhcp' package(s) announced via the EulerOS-SA-2019-2336 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.(CVE-2019-6470)\");\n\n script_tag(name:\"affected\", value:\"'dhcp' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.3.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.3.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.3.6~28.h6.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.3.6~28.h6.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-libs\", rpm:\"dhcp-libs~4.3.6~28.h6.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.3.6~28.h6.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.3.6~28.h6.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-11-21T23:24:54", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "[12:4.3.6-34]\n- Resolves: #1704672 - Fix crash caused by bind rebase\n[12:4.3.6-33]\n- Resolves: #1673946 - Change default prefix length to 128\n- Add address-prefix-lenght option to change default value\n- Fix backporting issues\n[12:4.3.6-31]\n- Resolves: #1685560 - Drop executable flag from NM dispatcher", "edition": 1, "modified": "2019-11-14T00:00:00", "published": "2019-11-14T00:00:00", "id": "ELSA-2019-3525", "href": "http://linux.oracle.com/errata/ELSA-2019-3525.html", "title": "dhcp security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-14T08:37:14", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1111", "CVE-2019-6470"], "description": "[12:4.2.5-77.0.1]\n- Direct users to Oracle Linux support site.\n[12:4.2.5-77]\n- Resolves: #1712414 - Reset signal handlers set by isclib\n[12:4.2.5-76]\n- Resolves: #1704675 - Fix crash of dhcpd(6) triggered by bind rebase\n[12:4.2.5-75]\n- Resolves: #1672308 - Do not restart dhcp on NetworkManagers up events\n[12:4.2.5-74]\n- Use bind-export-libs package instead of bind99\n- Use isc-config.sh to configure bind libs\n- Change requirement to bind-export-devel\n- Compile with recent bind includes, that does not include isc/util.h\n[12:4.2.5-73]\n- Resolves: #1635181\n- Change default ipv6 prefix to /128.\n- Allow its customization via cl option\n[12:4.2.5-72]\n- Resolves: #1647784 - Update renew time if it is greater than expiry\n[12:4.2.5-71]\n- Resolves: #1623792 - Load leases file in tracing mode only\n[12:4.2.5-70]\n- Resolves: #1574292 - Fix options conflict for ddns update\n[12:4.2.5-69]\n- Resolves: #1570895 - Fix command execution vulnerability (CVE-2018-1111)", "edition": 1, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "ELSA-2019-2060", "href": "http://linux.oracle.com/errata/ELSA-2019-2060.html", "title": "dhcp security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:33:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "It was discovered that DHCP, when built with a mismatched external BIND \nlibrary, incorrectly handled certain memory operations. A remote attacker \ncould possibly use this issue to cause DHCP to crash, resulting in a \ndenial of service.", "edition": 1, "modified": "2019-05-13T00:00:00", "published": "2019-05-13T00:00:00", "id": "USN-3973-1", "href": "https://ubuntu.com/security/notices/USN-3973-1", "title": "DHCP vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-11-07T11:03:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "modified": "2019-11-06T00:44:22", "published": "2019-11-05T22:56:03", "id": "RHSA-2019:3525", "href": "https://access.redhat.com/errata/RHSA-2019:3525", "type": "redhat", "title": "(RHSA-2019:3525) Moderate: dhcp security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-07T11:04:03", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "modified": "2019-08-06T13:41:24", "published": "2019-08-06T11:56:37", "id": "RHSA-2019:2060", "href": "https://access.redhat.com/errata/RHSA-2019:2060", "type": "redhat", "title": "(RHSA-2019:2060) Moderate: dhcp security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2019-10-20T08:29:29", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "This update for dhcp fixes the following issues:\n\n Secuirty issue fixed:\n\n - CVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\n Bug fixes:\n\n - Add compile option --enable-secs-byteorder to avoid duplicate lease\n warnings (bsc#1089524).\n - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6 (bsc#1136572).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-10-20T06:11:52", "published": "2019-10-20T06:11:52", "id": "OPENSUSE-SU-2019:2340-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.html", "title": "Security update for dhcp (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-10-20T08:29:30", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "This update for dhcp fixes the following issues:\n\n Secuirty issue fixed:\n\n - CVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\n Bug fixes:\n\n - Add compile option --enable-secs-byteorder to avoid duplicate lease\n warnings (bsc#1089524).\n - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6 (bsc#1136572).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-10-20T06:11:01", "published": "2019-10-20T06:11:01", "id": "OPENSUSE-SU-2019:2341-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html", "title": "Security update for dhcp (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "amazon": [{"lastseen": "2020-11-10T12:36:02", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "**Issue Overview:**\n\nThere had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.([CVE-2019-6470 __](<https://access.redhat.com/security/cve/CVE-2019-6470>))\n\n \n**Affected Packages:** \n\n\ndhcp\n\n \n**Issue Correction:** \nRun _yum update dhcp_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n dhcp-4.2.5-77.amzn2.1.1.aarch64 \n dhclient-4.2.5-77.amzn2.1.1.aarch64 \n dhcp-common-4.2.5-77.amzn2.1.1.aarch64 \n dhcp-libs-4.2.5-77.amzn2.1.1.aarch64 \n dhcp-devel-4.2.5-77.amzn2.1.1.aarch64 \n dhcp-debuginfo-4.2.5-77.amzn2.1.1.aarch64 \n \n i686: \n dhcp-4.2.5-77.amzn2.1.1.i686 \n dhclient-4.2.5-77.amzn2.1.1.i686 \n dhcp-common-4.2.5-77.amzn2.1.1.i686 \n dhcp-libs-4.2.5-77.amzn2.1.1.i686 \n dhcp-devel-4.2.5-77.amzn2.1.1.i686 \n dhcp-debuginfo-4.2.5-77.amzn2.1.1.i686 \n \n src: \n dhcp-4.2.5-77.amzn2.1.1.src \n \n x86_64: \n dhcp-4.2.5-77.amzn2.1.1.x86_64 \n dhclient-4.2.5-77.amzn2.1.1.x86_64 \n dhcp-common-4.2.5-77.amzn2.1.1.x86_64 \n dhcp-libs-4.2.5-77.amzn2.1.1.x86_64 \n dhcp-devel-4.2.5-77.amzn2.1.1.x86_64 \n dhcp-debuginfo-4.2.5-77.amzn2.1.1.x86_64 \n \n \n", "edition": 1, "modified": "2019-11-04T22:05:00", "published": "2019-11-04T22:05:00", "id": "ALAS2-2019-1346", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1346.html", "title": "Medium: dhcp", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-07T09:03:12", "description": "According to the version of the dhcp-noddns packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - There had existed in one of the ISC BIND libraries a\n bug in a function that was used by dhcpd when operating\n in DHCPv6 mode. There was also a bug in dhcpd relating\n to the use of this function per its documentation, but\n the bug in the library function prevented this from\n causing any harm. All releases of dhcpd from ISC\n contain copies of this, and other, BIND libraries in\n combinations that have been tested prior to release and\n are known to not present issues like this. Some\n third-party packagers of ISC software have modified the\n dhcpd source, BIND source, or version matchup in ways\n that create the crash potential. Based on reports\n available to ISC, the crash probability is large and no\n analysis has been done on how, or even if, the\n probability can be manipulated by an attacker. Affects:\n Builds of dhcpd versions prior to version 4.4.1 when\n using BIND versions 9.11.2 or later, or BIND versions\n with specific bug fixes backported to them. ISC does\n not have access to comprehensive version lists for all\n repackagings of dhcpd that are vulnerable. In\n particular, builds from other vendors may also be\n affected. Operators are advised to consult their vendor\n documentation.(CVE-2019-6470)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 5, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-03-20T00:00:00", "title": "EulerOS Virtualization 3.0.2.2 : dhcp-noddns (EulerOS-SA-2020-1267)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2020-03-20T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dhclient-noddns", "cpe:/o:huawei:euleros:uvp:3.0.2.2", "p-cpe:/a:huawei:euleros:dhcp-noddns-common", "p-cpe:/a:huawei:euleros:dhcp-noddns", "p-cpe:/a:huawei:euleros:dhcp-noddns-libs"], "id": "EULEROS_SA-2020-1267.NASL", "href": "https://www.tenable.com/plugins/nessus/134733", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134733);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-6470\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : dhcp-noddns (EulerOS-SA-2020-1267)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the dhcp-noddns packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - There had existed in one of the ISC BIND libraries a\n bug in a function that was used by dhcpd when operating\n in DHCPv6 mode. There was also a bug in dhcpd relating\n to the use of this function per its documentation, but\n the bug in the library function prevented this from\n causing any harm. All releases of dhcpd from ISC\n contain copies of this, and other, BIND libraries in\n combinations that have been tested prior to release and\n are known to not present issues like this. Some\n third-party packagers of ISC software have modified the\n dhcpd source, BIND source, or version matchup in ways\n that create the crash potential. Based on reports\n available to ISC, the crash probability is large and no\n analysis has been done on how, or even if, the\n probability can be manipulated by an attacker. Affects:\n Builds of dhcpd versions prior to version 4.4.1 when\n using BIND versions 9.11.2 or later, or BIND versions\n with specific bug fixes backported to them. ISC does\n not have access to comprehensive version lists for all\n repackagings of dhcpd that are vulnerable. In\n particular, builds from other vendors may also be\n affected. Operators are advised to consult their vendor\n documentation.(CVE-2019-6470)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1267\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5a1843f7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dhcp-noddns package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhclient-noddns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-noddns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-noddns-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-noddns-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"dhclient-noddns-4.2.5-68.1.h12\",\n \"dhcp-noddns-4.2.5-68.1.h12\",\n \"dhcp-noddns-common-4.2.5-68.1.h12\",\n \"dhcp-noddns-libs-4.2.5-68.1.h12\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-noddns\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T15:40:05", "description": "The DHCP server version installed on the remote host is prior to 4.4.1. It is, therefore, vulnerable to a denial of\nservice condition. There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when\noperating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but\nthe bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of \nthis, and other, BIND libraries in combinations that have been tested prior to release and are known to not present\nissues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version\nmatchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and\nno analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of\ndhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes\nbackported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are\nvulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor\ndocumentation.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.", "edition": 3, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-16T00:00:00", "title": "ISC DHCP < 4.4.1 DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2020-07-16T00:00:00", "cpe": ["cpe:/a:isc:dhcp", "cpe:/a:isc:bind"], "id": "ISC_DHCP_CVE-2019-6470.NASL", "href": "https://www.tenable.com/plugins/nessus/138525", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138525);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/17\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"ISC DHCP < 4.4.1 DoS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The DHCP server installed on the remote Linux host is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The DHCP server version installed on the remote host is prior to 4.4.1. It is, therefore, vulnerable to a denial of\nservice condition. There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when\noperating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but\nthe bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of \nthis, and other, BIND libraries in combinations that have been tested prior to release and are known to not present\nissues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version\nmatchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and\nno analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of\ndhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes\nbackported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are\nvulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor\ndocumentation.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected DHCP server to version 4.4.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6470\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:isc:bind\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"dhcp_detect.nbin\");\n script_require_keys(\"dhcp_server/type\", \"dhcp_server/version\");\n\n exit(0);\n}\n\napp = 'ISC DHCP';\nfix = '4.4.1';\n\ntype = get_kb_item_or_exit('dhcp_server/type');\nif ('isc-dhcp' >!< type) audit(AUDIT_NOT_INST, app);\n\nversion = get_kb_item_or_exit('dhcp_server/version');\n\nif (version =~ \"^[0-9]+\\.[0-9]+$\")\n audit(AUDIT_VER_NOT_GRANULAR, app, version);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (ver_compare(fix:fix, ver:version, strict:FALSE) < 0)\n{\n report = '\\n Installed version : ' + version + '\\n';\n security_report_v4(severity:SECURITY_WARNING, port:0, extra:report);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, app, version);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:03:14", "description": "According to the version of the dhcp packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerability :\n\n - There had existed in one of the ISC BIND libraries a\n bug in a function that was used by dhcpd when operating\n in DHCPv6 mode. There was also a bug in dhcpd relating\n to the use of this function per its documentation, but\n the bug in the library function prevented this from\n causing any harm. All releases of dhcpd from ISC\n contain copies of this, and other, BIND libraries in\n combinations that have been tested prior to release and\n are known to not present issues like this. Some\n third-party packagers of ISC software have modified the\n dhcpd source, BIND source, or version matchup in ways\n that create the crash potential. Based on reports\n available to ISC, the crash probability is large and no\n analysis has been done on how, or even if, the\n probability can be manipulated by an attacker. Affects:\n Builds of dhcpd versions prior to version 4.4.1 when\n using BIND versions 9.11.2 or later, or BIND versions\n with specific bug fixes backported to them. ISC does\n not have access to comprehensive version lists for all\n repackagings of dhcpd that are vulnerable. In\n particular, builds from other vendors may also be\n affected. Operators are advised to consult their vendor\n documentation.(CVE-2019-6470)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 5, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-03-20T00:00:00", "title": "EulerOS Virtualization 3.0.2.2 : dhcp (EulerOS-SA-2020-1273)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2020-03-20T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.2", "p-cpe:/a:huawei:euleros:dhcp", "p-cpe:/a:huawei:euleros:dhclient", "p-cpe:/a:huawei:euleros:dhcp-libs", "p-cpe:/a:huawei:euleros:dhcp-common"], "id": "EULEROS_SA-2020-1273.NASL", "href": "https://www.tenable.com/plugins/nessus/134739", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134739);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-6470\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : dhcp (EulerOS-SA-2020-1273)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the dhcp packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerability :\n\n - There had existed in one of the ISC BIND libraries a\n bug in a function that was used by dhcpd when operating\n in DHCPv6 mode. There was also a bug in dhcpd relating\n to the use of this function per its documentation, but\n the bug in the library function prevented this from\n causing any harm. All releases of dhcpd from ISC\n contain copies of this, and other, BIND libraries in\n combinations that have been tested prior to release and\n are known to not present issues like this. Some\n third-party packagers of ISC software have modified the\n dhcpd source, BIND source, or version matchup in ways\n that create the crash potential. Based on reports\n available to ISC, the crash probability is large and no\n analysis has been done on how, or even if, the\n probability can be manipulated by an attacker. Affects:\n Builds of dhcpd versions prior to version 4.4.1 when\n using BIND versions 9.11.2 or later, or BIND versions\n with specific bug fixes backported to them. ISC does\n not have access to comprehensive version lists for all\n repackagings of dhcpd that are vulnerable. In\n particular, builds from other vendors may also be\n affected. Operators are advised to consult their vendor\n documentation.(CVE-2019-6470)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1273\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f9c7eacb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"dhclient-4.2.5-68.1.h12\",\n \"dhcp-4.2.5-68.1.h12\",\n \"dhcp-common-4.2.5-68.1.h12\",\n \"dhcp-libs-4.2.5-68.1.h12\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-11T04:57:41", "description": "This update for dhcp fixes the following issues :\n\nSecuirty issue fixed :\n\nCVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\nBug fixes: Add compile option --enable-secs-byteorder to avoid\nduplicate lease warnings (bsc#1089524).\n\nUse IPv6 when called as dhclient6, dhcpd6, and dhcrelay6\n(bsc#1136572).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-11-13T00:00:00", "title": "SUSE SLES12 Security Update : dhcp (SUSE-SU-2019:2727-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2019-11-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:dhcp-relay", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:dhcp-debugsource", "p-cpe:/a:novell:suse_linux:dhcp", "p-cpe:/a:novell:suse_linux:dhcp-server-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-client-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-server", "p-cpe:/a:novell:suse_linux:dhcp-relay-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-client"], "id": "SUSE_SU-2019-2727-2.NASL", "href": "https://www.tenable.com/plugins/nessus/130941", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2727-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130941);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"SUSE SLES12 Security Update : dhcp (SUSE-SU-2019:2727-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for dhcp fixes the following issues :\n\nSecuirty issue fixed :\n\nCVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\nBug fixes: Add compile option --enable-secs-byteorder to avoid\nduplicate lease warnings (bsc#1089524).\n\nUse IPv6 when called as dhclient6, dhcpd6, and dhcrelay6\n(bsc#1136572).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6470/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192727-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1114be94\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-2727=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2019-2727=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-relay-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-client-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-client-debuginfo-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-debuginfo-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-debugsource-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-relay-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-relay-debuginfo-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-server-4.3.3-10.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"dhcp-server-debuginfo-4.3.3-10.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-11T04:24:25", "description": "An update for dhcp is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address. The dhcp packages provide a relay agent and ISC\nDHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es) :\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code\nleading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.", "edition": 12, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-11-06T00:00:00", "title": "RHEL 8 : dhcp (RHSA-2019:3525)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2019-11-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dhcp-client", "p-cpe:/a:redhat:enterprise_linux:dhcp-relay-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dhcp-relay", "p-cpe:/a:redhat:enterprise_linux:dhcp-common", "p-cpe:/a:redhat:enterprise_linux:dhcp-debugsource", "p-cpe:/a:redhat:enterprise_linux:dhcp-libs-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dhcp-client-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dhcp-server", "p-cpe:/a:redhat:enterprise_linux:dhcp-libs", "p-cpe:/a:redhat:enterprise_linux:dhcp-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dhcp-server-debuginfo", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3525.NASL", "href": "https://www.tenable.com/plugins/nessus/130549", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3525. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130549);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"RHSA\", value:\"2019:3525\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"RHEL 8 : dhcp (RHSA-2019:3525)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for dhcp is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address. The dhcp packages provide a relay agent and ISC\nDHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es) :\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code\nleading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?774148ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6470\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-relay-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3525\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-client-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-client-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-client-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-client-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-client-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", reference:\"dhcp-common-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-debugsource-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-debugsource-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-debugsource-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-libs-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-libs-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-libs-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-libs-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-libs-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-libs-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-relay-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-relay-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-relay-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-relay-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-relay-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-server-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-server-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"dhcp-server-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"dhcp-server-debuginfo-4.3.6-34.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"dhcp-server-debuginfo-4.3.6-34.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-client / dhcp-client-debuginfo / dhcp-common / dhcp-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-11T04:22:48", "description": "An update for dhcp is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address. The dhcp packages provide a relay agent and ISC\nDHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es) :\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code\nleading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.", "edition": 14, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-08-12T00:00:00", "title": "RHEL 7 : dhcp (RHSA-2019:2060)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2019-08-12T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dhcp-common", "p-cpe:/a:redhat:enterprise_linux:dhclient", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:dhcp-devel", "p-cpe:/a:redhat:enterprise_linux:dhcp-libs", "p-cpe:/a:redhat:enterprise_linux:dhcp-debuginfo", "p-cpe:/a:redhat:enterprise_linux:dhcp"], "id": "REDHAT-RHSA-2019-2060.NASL", "href": "https://www.tenable.com/plugins/nessus/127664", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2060. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127664);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"RHSA\", value:\"2019:2060\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"RHEL 7 : dhcp (RHSA-2019:2060)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for dhcp is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address. The dhcp packages provide a relay agent and ISC\nDHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es) :\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code\nleading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6470\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2060\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"dhclient-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"dhclient-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"dhcp-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"dhcp-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"dhcp-common-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"dhcp-common-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"dhcp-debuginfo-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"dhcp-devel-4.2.5-77.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"dhcp-libs-4.2.5-77.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-common / dhcp-debuginfo / dhcp-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-14T06:21:41", "description": "This update for dhcp fixes the following issues :\n\nSecuirty issue fixed :\n\nCVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\nBug fixes: Add compile option --enable-secs-byteorder to avoid\nduplicate lease warnings (bsc#1089524).\n\nUse IPv6 when called as dhclient6, dhcpd6, and dhcrelay6\n(bsc#1136572).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-10-15T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : dhcp (SUSE-SU-2019:2657-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2019-10-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:dhcp-relay", "p-cpe:/a:novell:suse_linux:dhcp-debugsource", "p-cpe:/a:novell:suse_linux:dhcp", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:dhcp-doc", "p-cpe:/a:novell:suse_linux:dhcp-devel", "p-cpe:/a:novell:suse_linux:dhcp-server-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-client-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-server", "p-cpe:/a:novell:suse_linux:dhcp-relay-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-debuginfo", "p-cpe:/a:novell:suse_linux:dhcp-client"], "id": "SUSE_SU-2019-2657-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129881", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2657-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129881);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : dhcp (SUSE-SU-2019:2657-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for dhcp fixes the following issues :\n\nSecuirty issue fixed :\n\nCVE-2019-6470: Fixed DHCPv6 server crashes (bsc#1134078).\n\nBug fixes: Add compile option --enable-secs-byteorder to avoid\nduplicate lease warnings (bsc#1089524).\n\nUse IPv6 when called as dhclient6, dhcpd6, and dhcrelay6\n(bsc#1136572).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6470/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192657-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ad92a0e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Server-Applications-15-SP1-2019-2657=1\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2019-2657=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2657=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2657=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2657=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2657=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-relay-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dhcp-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-client-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-client-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-debugsource-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-devel-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-doc-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-relay-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-relay-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-server-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"dhcp-server-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-client-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-client-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-debugsource-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-devel-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-doc-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-relay-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-relay-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-server-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"dhcp-server-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-client-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-client-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-debugsource-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-devel-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"dhcp-doc-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-client-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-client-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-debuginfo-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-debugsource-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-devel-4.3.5-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"dhcp-doc-4.3.5-6.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:01:14", "description": "According to the version of the dhcp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - There had existed in one of the ISC BIND libraries a\n bug in a function that was used by dhcpd when operating\n in DHCPv6 mode. There was also a bug in dhcpd relating\n to the use of this function per its documentation, but\n the bug in the library function prevented this from\n causing any harm. All releases of dhcpd from ISC\n contain copies of this, and other, BIND libraries in\n combinations that have been tested prior to release and\n are known to not present issues like this. Some\n third-party packagers of ISC software have modified the\n dhcpd source, BIND source, or version matchup in ways\n that create the crash potential. Based on reports\n available to ISC, the crash probability is large and no\n analysis has been done on how, or even if, the\n probability can be manipulated by an attacker. Affects:\n Builds of dhcpd versions prior to version 4.4.1 when\n using BIND versions 9.11.2 or later, or BIND versions\n with specific bug fixes backported to them. ISC does\n not have access to comprehensive version lists for all\n repackagings of dhcpd that are vulnerable. In\n particular, builds from other vendors may also be\n affected. Operators are advised to consult their vendor\n documentation.(CVE-2019-6470)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-12-04T00:00:00", "title": "EulerOS 2.0 SP2 : dhcp (EulerOS-SA-2019-2500)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2019-12-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dhcp", "p-cpe:/a:huawei:euleros:dhclient", "p-cpe:/a:huawei:euleros:dhcp-libs", "p-cpe:/a:huawei:euleros:dhcp-common", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2500.NASL", "href": "https://www.tenable.com/plugins/nessus/131653", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131653);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-6470\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"EulerOS 2.0 SP2 : dhcp (EulerOS-SA-2019-2500)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the dhcp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - There had existed in one of the ISC BIND libraries a\n bug in a function that was used by dhcpd when operating\n in DHCPv6 mode. There was also a bug in dhcpd relating\n to the use of this function per its documentation, but\n the bug in the library function prevented this from\n causing any harm. All releases of dhcpd from ISC\n contain copies of this, and other, BIND libraries in\n combinations that have been tested prior to release and\n are known to not present issues like this. Some\n third-party packagers of ISC software have modified the\n dhcpd source, BIND source, or version matchup in ways\n that create the crash potential. Based on reports\n available to ISC, the crash probability is large and no\n analysis has been done on how, or even if, the\n probability can be manipulated by an attacker. Affects:\n Builds of dhcpd versions prior to version 4.4.1 when\n using BIND versions 9.11.2 or later, or BIND versions\n with specific bug fixes backported to them. ISC does\n not have access to comprehensive version lists for all\n repackagings of dhcpd that are vulnerable. In\n particular, builds from other vendors may also be\n affected. Operators are advised to consult their vendor\n documentation.(CVE-2019-6470)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2500\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2623c8fd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dhcp-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"dhclient-4.2.5-68.1.h4\",\n \"dhcp-4.2.5-68.1.h4\",\n \"dhcp-common-4.2.5-68.1.h4\",\n \"dhcp-libs-4.2.5-68.1.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-11T03:43:39", "description": "This update for dhcp fixes the following issues :\n\nSecuirty issue fixed :\n\n - CVE-2019-6470: Fixed DHCPv6 server crashes\n (bsc#1134078).\n\nBug fixes :\n\n - Add compile option --enable-secs-byteorder to avoid\n duplicate lease warnings (bsc#1089524).\n\n - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6\n (bsc#1136572).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 14, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-10-21T00:00:00", "title": "openSUSE Security Update : dhcp (openSUSE-2019-2341)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2019-10-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp-debuginfo", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-relay-debuginfo", "p-cpe:/a:novell:opensuse:dhcp-client-debuginfo", "p-cpe:/a:novell:opensuse:dhcp-debugsource", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-server", "p-cpe:/a:novell:opensuse:dhcp-server-debuginfo"], "id": "OPENSUSE-2019-2341.NASL", "href": "https://www.tenable.com/plugins/nessus/130081", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2341.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130081);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"openSUSE Security Update : dhcp (openSUSE-2019-2341)\");\n script_summary(english:\"Check for the openSUSE-2019-2341 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for dhcp fixes the following issues :\n\nSecuirty issue fixed :\n\n - CVE-2019-6470: Fixed DHCPv6 server crashes\n (bsc#1134078).\n\nBug fixes :\n\n - Add compile option --enable-secs-byteorder to avoid\n duplicate lease warnings (bsc#1089524).\n\n - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6\n (bsc#1136572).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136572\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-client-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-client-debuginfo-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-debuginfo-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-debugsource-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-devel-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-relay-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-relay-debuginfo-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-server-4.3.5-lp151.6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"dhcp-server-debuginfo-4.3.5-lp151.6.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp / dhcp-client / dhcp-client-debuginfo / dhcp-debuginfo / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-22T00:55:04", "description": "An update of the bindutils package has been released.", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-03-02T00:00:00", "title": "Photon OS 3.0: Bindutils PHSA-2020-3.0-0063", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6470"], "modified": "2020-03-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:bindutils", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0063_BINDUTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/134209", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0063. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134209);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/21\");\n\n script_cve_id(\"CVE-2019-6470\");\n script_xref(name:\"IAVB\", value:\"2020-B-0036\");\n\n script_name(english:\"Photon OS 3.0: Bindutils PHSA-2020-3.0-0063\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the bindutils package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-63.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6470\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:bindutils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"bindutils-9.15\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"bindutils-9.15.6-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"bindutils-9.15\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"bindutils-9.15.6-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"bindutils-debuginfo-9.15\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"bindutils-debuginfo-9.15.6-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"bindutils-debuginfo-9.15\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"bindutils-debuginfo-9.15.6-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bindutils\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:25:49", "bulletinFamily": "unix", "cvelist": ["CVE-2019-6470"], "description": "**CentOS Errata and Security Advisory** CESA-2019:2060\n\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: double-deletion of the released addresses in the dhcpv6 code leading to crash and possible DoS (CVE-2019-6470)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2019-August/005847.html\n\n**Affected packages:**\ndhclient\ndhcp\ndhcp-common\ndhcp-devel\ndhcp-libs\n\n**Upstream details at:**\n", "edition": 3, "modified": "2019-08-30T02:41:23", "published": "2019-08-30T02:41:23", "id": "CESA-2019:2060", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2019-August/005847.html", "title": "dhclient, dhcp security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}