Lucene search
K

openSUSE Security Update : dhcp (openSUSE-SU-2011:1021-1)

🗓️ 13 Jun 2014 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 32 Views

openSUSE update for dhcp fixing DoS vulnerabilities and other bugs

Related
Refs
Code
ReporterTitlePublishedViews
Family
FreeBSD
isc-dhcp-server -- server halt upon processing certain packets
10 Aug 201100:00
freebsd
BDU FSTEC
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
7 Jul 201600:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
BDU FSTEC
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the accessibility of protected information
28 Apr 201500:00
bdu_fstec
Rows per page
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update dhcp-5081.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75814);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2011-2748", "CVE-2011-2749");

  script_name(english:"openSUSE Security Update : dhcp (openSUSE-SU-2011:1021-1)");
  script_summary(english:"Check for the dhcp-5081 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of dhcp fixes two Denial of Service (CVE-2011-2748,
CVE-2011-2749) vulnerabilities caused by specially crafted BOOTP
packets.

Also following bugs were fixed :

  - Moved server pid files into chroot directory even chroot
    is not used and create a link in /var/run, so it can
    write one when started as user without chroot and avoid
    stop problems when the chroot sysconfig setting changed
    (bnc#712438).

  - Fixed dhclient-script to not remove alias IP when it
    didn't changed to not wipe out iptables connmark when
    renewing the lease (bnc#700771). Thanks to James Carter
    for the patch.

  - Removed GPL licensed files (bind-*/contrib/dbus) from
    bind.tgz to ensure, they're not used to build non-GPL
    dhcp.

  - Disabled log-info level messages in dhclient(6) quiet
    mode to avoid excessive logging of non-critical messages
    (bnc#711420)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=700771"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=711420"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=712438"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=712653"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=714004"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2011-09/msg00014.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected dhcp packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-relay");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-relay-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:dhcp-server-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/08/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.4", reference:"dhcp-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-client-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-client-debuginfo-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-debuginfo-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-debugsource-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-devel-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-relay-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-relay-debuginfo-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-server-4.2.1-0.9.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"dhcp-server-debuginfo-4.2.1-0.9.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dhcp");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

14 Jan 2021 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 27.8
EPSS0.38775
32