Lucene search

[email protected]NVD:CVE-2015-8605

HistoryJan 14, 2016 - 10:59 p.m.

CVE-2015-8605

2016-01-1422:59:00

CWE-20

[email protected]

web.nvd.nist.gov

5.7 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

93.0%

JSON

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

Affected configurations

NVD

Node

sophosunified_threat_management_up2dateRange≤9.318

sophosunified_threat_management_up2dateRange≤9.353

Node

iscdhcpMatch4.0.0

iscdhcpMatch4.0.1

iscdhcpMatch4.0.2-

iscdhcpMatch4.0.2p1

iscdhcpMatch4.0.3-

iscdhcpMatch4.0.3rc1

iscdhcpMatch4.1-esv-

iscdhcpMatch4.1-esvr1

iscdhcpMatch4.1-esvr10

iscdhcpMatch4.1-esvr10_b1

iscdhcpMatch4.1-esvr11_b1

iscdhcpMatch4.1-esvr11_rc1

iscdhcpMatch4.1-esvr11_rc2

iscdhcpMatch4.1-esvr12

iscdhcpMatch4.1-esvr12_b1

iscdhcpMatch4.1-esvr2

iscdhcpMatch4.1-esvr3

iscdhcpMatch4.1-esvr3_b1

iscdhcpMatch4.1-esvr4

iscdhcpMatch4.1-esvr5

iscdhcpMatch4.1-esvr5_b1

iscdhcpMatch4.1-esvr5_rc1

iscdhcpMatch4.1-esvr5_rc2

iscdhcpMatch4.1-esvr6

iscdhcpMatch4.1-esvr7

iscdhcpMatch4.1-esvr8

iscdhcpMatch4.1-esvr8_b1

iscdhcpMatch4.1-esvr8_rc1

iscdhcpMatch4.1-esvr9

iscdhcpMatch4.1-esvr9_b1

iscdhcpMatch4.1-esvr9_rc1

iscdhcpMatch4.1.0-

iscdhcpMatch4.1.1-

iscdhcpMatch4.1.1p1

iscdhcpMatch4.1.2-

iscdhcpMatch4.1.2b1

iscdhcpMatch4.1.2p1

iscdhcpMatch4.1.2rc1

iscdhcpMatch4.2.0-

iscdhcpMatch4.2.0p1

iscdhcpMatch4.2.0p2

iscdhcpMatch4.2.1-

iscdhcpMatch4.2.1b1

iscdhcpMatch4.2.1p1

iscdhcpMatch4.2.1rc1

iscdhcpMatch4.2.2-

iscdhcpMatch4.2.2b1

iscdhcpMatch4.2.2rc1

iscdhcpMatch4.2.3-

iscdhcpMatch4.2.3p1

iscdhcpMatch4.2.3p2

iscdhcpMatch4.2.4-

iscdhcpMatch4.2.4b1

iscdhcpMatch4.2.4p1

iscdhcpMatch4.2.4p2

iscdhcpMatch4.2.4rc1

iscdhcpMatch4.2.4rc2

iscdhcpMatch4.2.5-

iscdhcpMatch4.2.5b1

iscdhcpMatch4.2.5p1

iscdhcpMatch4.2.5rc1

iscdhcpMatch4.2.6-

iscdhcpMatch4.2.6b1

iscdhcpMatch4.2.6rc1

iscdhcpMatch4.2.7

iscdhcpMatch4.2.7b1

iscdhcpMatch4.2.7rc1

iscdhcpMatch4.2.8

iscdhcpMatch4.2.8b1

iscdhcpMatch4.2.8rc1

iscdhcpMatch4.2.8rc2

iscdhcpMatch4.3.0

iscdhcpMatch4.3.0a1

iscdhcpMatch4.3.0b1

iscdhcpMatch4.3.0rc1

iscdhcpMatch4.3.1

iscdhcpMatch4.3.1b1

iscdhcpMatch4.3.1rc1

iscdhcpMatch4.3.2

iscdhcpMatch4.3.2b1

iscdhcpMatch4.3.2rc1

iscdhcpMatch4.3.2rc2

iscdhcpMatch4.3.3

iscdhcpMatch4.3.3b1

Node

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

Node

canonicalubuntu_linuxMatch12.04lts

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch15.04

canonicalubuntu_linuxMatch15.10

References

lists.fedoraproject.org/pipermail/package-announce/2016-January/175594.html

lists.fedoraproject.org/pipermail/package-announce/2016-January/176031.html

lists.opensuse.org/opensuse-updates/2016-02/msg00162.html

lists.opensuse.org/opensuse-updates/2016-02/msg00168.html

www.debian.org/security/2016/dsa-3442

www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

www.securityfocus.com/bid/80703

www.securitytracker.com/id/1034657

www.ubuntu.com/usn/USN-2868-1

blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/

blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/

kb.isc.org/article/AA-01334

5.7 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

93.0%

JSON

Related for NVD:CVE-2015-8605

nessus23 openvas16 debian4 debiancve1 slackware1 fedora2 f52 freebsd1 osv3 ubuntucve1 mageia1 cve1 amazon1 cvelist1 ubuntu1 prion1 ibm4 rosalinux1 photon1