ID OPENVAS:840093 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-12-01T00:00:00
Description
Ubuntu Update for Linux kernel vulnerabilities USN-531-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_531_1.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for dhcp vulnerability USN-531-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not
correctly handle certain client options. A remote attacker could send
malicious DHCP replies to the server and execute arbitrary code.";
tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-531-1";
tag_affected = "dhcp vulnerability on Ubuntu 6.06 LTS ,
Ubuntu 6.10 ,
Ubuntu 7.04 ,
Ubuntu 7.10";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-531-1/");
script_id(840093);
script_version("$Revision: 7969 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "USN", value: "531-1");
script_cve_id("CVE-2007-5365");
script_name( "Ubuntu Update for dhcp vulnerability USN-531-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU7.04")
{
if ((res = isdpkgvuln(pkg:"dhcp-client", ver:"2.0pl5-19.5ubuntu2.1", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp-relay", ver:"2.0pl5-19.5ubuntu2.1", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp", ver:"2.0pl5-19.5ubuntu2.1", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU6.06 LTS")
{
if ((res = isdpkgvuln(pkg:"dhcp-client", ver:"2.0pl5-19.4ubuntu0.1", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp-relay", ver:"2.0pl5-19.4ubuntu0.1", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp", ver:"2.0pl5-19.4ubuntu0.1", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU6.10")
{
if ((res = isdpkgvuln(pkg:"dhcp-client", ver:"2.0pl5-19.4ubuntu1.1", rls:"UBUNTU6.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp-relay", ver:"2.0pl5-19.4ubuntu1.1", rls:"UBUNTU6.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp", ver:"2.0pl5-19.4ubuntu1.1", rls:"UBUNTU6.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU7.10")
{
if ((res = isdpkgvuln(pkg:"dhcp-client", ver:"2.0pl5dfsg1-20ubuntu1.1", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp-relay", ver:"2.0pl5dfsg1-20ubuntu1.1", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"dhcp", ver:"2.0pl5dfsg1-20ubuntu1.1", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:840093", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for dhcp vulnerability USN-531-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-531-1", "published": "2009-03-23T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840093", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["531-1", "http://www.ubuntu.com/usn/usn-531-1/"], "cvelist": ["CVE-2007-5365"], "lastseen": "2017-12-04T11:29:57", "viewCount": 1, "enchantments": {"score": {"value": 7.3, "vector": "NONE", "modified": "2017-12-04T11:29:57", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-5365"]}, {"type": "seebug", "idList": ["SSV:4449", "SSV:7446", "SSV:4436"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1388-3:282B7", "DEBIAN:DSA-1388-1:538AA"]}, {"type": "ubuntu", "idList": ["USN-531-2", "USN-531-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310855414", "OPENVAS:855308", "OPENVAS:1361412562310855216", "OPENVAS:1361412562310855308", "OPENVAS:855414", "OPENVAS:855052", "OPENVAS:1361412562310855052", "OPENVAS:58685", "OPENVAS:855535", "OPENVAS:855268"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:4B78C6BEF4CEAF939CD1DAF654D5C6C6"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2007-0970.NASL", "SOLARIS10_X86_138877-01.NASL", "UBUNTU_USN-531-1.NASL", "SOLARIS10_138876-01.NASL", "SOLARIS8_109077.NASL", "DEBIAN_DSA-1388.NASL", "UBUNTU_USN-531-2.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:4601"]}, {"type": "redhat", "idList": ["RHSA-2007:0970"]}, {"type": "centos", "idList": ["CESA-2007:0970-01"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:8244"]}], "modified": "2017-12-04T11:29:57", "rev": 2}, "vulnersScore": 7.3}, "pluginID": "840093", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_531_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for dhcp vulnerability USN-531-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not\n correctly handle certain client options. A remote attacker could send\n malicious DHCP replies to the server and execute arbitrary code.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-531-1\";\ntag_affected = \"dhcp vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-531-1/\");\n script_id(840093);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"531-1\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Ubuntu Update for dhcp vulnerability USN-531-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.5ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.5ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.5ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.4ubuntu0.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.4ubuntu0.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.4ubuntu0.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.4ubuntu1.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.4ubuntu1.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.4ubuntu1.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5dfsg1-20ubuntu1.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5dfsg1-20ubuntu1.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5dfsg1-20ubuntu1.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:31:27", "description": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.", "edition": 4, "cvss3": {}, "published": "2007-10-11T10:17:00", "title": "CVE-2007-5365", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5365"], "modified": "2018-10-15T21:44:00", "cpe": ["cpe:/o:sun:opensolaris:snv_34", "cpe:/o:sun:opensolaris:snv_06", "cpe:/o:sun:opensolaris:snv_53", "cpe:/o:sun:opensolaris:snv_23", "cpe:/o:sun:opensolaris:snv_87", "cpe:/o:sun:opensolaris:snv_51", "cpe:/o:sun:solaris:8.0", "cpe:/o:sun:opensolaris:snv_07", "cpe:/o:sun:opensolaris:snv_28", "cpe:/o:sun:opensolaris:snv_93", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:sun:opensolaris:snv_39", "cpe:/o:sun:opensolaris:snv_48", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:sun:opensolaris:snv_27", "cpe:/o:sun:opensolaris:snv_01", "cpe:/o:sun:opensolaris:snv_15", "cpe:/o:sun:opensolaris:snv_18", "cpe:/o:sun:opensolaris:snv_83", "cpe:/o:sun:solaris:10.0", "cpe:/o:sun:opensolaris:snv_99", "cpe:/o:sun:opensolaris:snv_11", "cpe:/o:sun:opensolaris:snv_86", "cpe:/o:sun:opensolaris:snv_09", "cpe:/o:sun:opensolaris:snv_30", "cpe:/o:sun:opensolaris:snv_13", "cpe:/o:sun:opensolaris:snv_61", "cpe:/o:sun:opensolaris:snv_16", "cpe:/o:sun:opensolaris:snv_45", "cpe:/o:sun:opensolaris:snv_50", "cpe:/o:sun:opensolaris:snv_08", "cpe:/o:sun:opensolaris:snv_43", "cpe:/o:sun:opensolaris:snv_94", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:sun:opensolaris:snv_44", "cpe:/o:sun:opensolaris:snv_84", "cpe:/o:sun:opensolaris:snv_17", "cpe:/o:sun:opensolaris:snv_97", "cpe:/o:sun:opensolaris:snv_77", "cpe:/o:sun:opensolaris:snv_04", "cpe:/o:sun:opensolaris:snv_62", "cpe:/o:sun:opensolaris:snv_58", "cpe:/o:sun:opensolaris:snv_31", "cpe:/o:sun:opensolaris:snv_56", "cpe:/o:sun:opensolaris:snv_20", "cpe:/o:sun:opensolaris:snv_03", "cpe:/o:sun:opensolaris:snv_69", "cpe:/o:sun:opensolaris:snv_75", "cpe:/o:openbsd:openbsd:4.2", "cpe:/o:sun:opensolaris:snv_98", "cpe:/o:sun:opensolaris:snv_64", "cpe:/o:sun:opensolaris:snv_21", "cpe:/o:sun:opensolaris:snv_38", "cpe:/o:ubuntu:ubuntu_linux:6.06", "cpe:/o:sun:opensolaris:snv_59", "cpe:/o:sun:opensolaris:snv_63", "cpe:/o:sun:opensolaris:snv_89", "cpe:/o:sun:opensolaris:snv_57", "cpe:/o:sun:opensolaris:snv_78", "cpe:/o:sun:opensolaris:snv_10", "cpe:/o:sun:opensolaris:snv_81", "cpe:/o:sun:opensolaris:snv_70", "cpe:/o:sun:opensolaris:snv_96", "cpe:/o:sun:opensolaris:snv_37", "cpe:/o:sun:opensolaris:snv_25", "cpe:/o:sun:opensolaris:snv_65", "cpe:/o:sun:opensolaris:snv_49", "cpe:/o:sun:opensolaris:snv_72", "cpe:/o:sun:opensolaris:snv_71", "cpe:/o:sun:opensolaris:snv_73", "cpe:/o:sun:opensolaris:snv_92", "cpe:/o:sun:opensolaris:snv_33", "cpe:/o:sun:opensolaris:snv_35", "cpe:/o:sun:opensolaris:snv_67", "cpe:/o:sun:opensolaris:snv_42", "cpe:/o:sun:opensolaris:snv_76", "cpe:/o:sun:opensolaris:snv_41", "cpe:/o:sun:opensolaris:snv_32", "cpe:/o:sun:opensolaris:snv_36", "cpe:/o:sun:opensolaris:snv_54", "cpe:/o:ubuntu:ubuntu_linux:7.04", "cpe:/o:sun:opensolaris:snv_82", "cpe:/o:sun:opensolaris:snv_14", "cpe:/o:sun:opensolaris:snv_40", "cpe:/o:openbsd:openbsd:4.1", "cpe:/o:sun:opensolaris:snv_68", "cpe:/o:sun:opensolaris:snv_29", "cpe:/o:sun:opensolaris:snv_46", "cpe:/o:sun:solaris:9.0", "cpe:/o:sun:opensolaris:snv_12", "cpe:/o:sun:opensolaris:snv_60", "cpe:/o:sun:opensolaris:snv_79", "cpe:/o:sun:opensolaris:snv_85", "cpe:/o:sun:opensolaris:snv_24", "cpe:/o:sun:opensolaris:snv_26", "cpe:/o:sun:opensolaris:snv_19", "cpe:/o:ubuntu:ubuntu_linux:7.10", "cpe:/o:sun:opensolaris:snv_100", "cpe:/o:sun:opensolaris:snv_90", "cpe:/o:sun:opensolaris:snv_05", "cpe:/o:sun:opensolaris:snv_52", "cpe:/o:sun:opensolaris:snv_74", "cpe:/o:sun:opensolaris:snv_22", "cpe:/o:sun:opensolaris:snv_80", "cpe:/o:redhat:linux_advanced_workstation:2.1", "cpe:/o:sun:opensolaris:snv_101", "cpe:/o:sun:opensolaris:snv_66", "cpe:/o:sun:opensolaris:snv_102", "cpe:/o:openbsd:openbsd:4.0", "cpe:/o:sun:opensolaris:snv_95", "cpe:/o:sun:opensolaris:snv_88", "cpe:/o:sun:opensolaris:snv_02", "cpe:/o:sun:opensolaris:snv_47", "cpe:/o:sun:opensolaris:snv_55", "cpe:/o:ubuntu:ubuntu_linux:6.10", "cpe:/o:sun:opensolaris:snv_91"], "id": "CVE-2007-5365", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5365", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:sun:opensolaris:snv_26:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_11:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_21:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_60:*:x86:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_40:*:x86:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_44:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_74:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_32:*:x86:*:*:*:*:*", "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_71:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_42:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_33:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_81:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_12:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_49:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*", "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_31:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_93:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_83:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_27:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_02:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_30:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_55:*:x86:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_52:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_89:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_39:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_76:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_79:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_39:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_29:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_73:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_04:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_61:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_94:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_53:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_36:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_90:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_27:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_24:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_23:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_02:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_77:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_69:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_82:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_85:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_43:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_05:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_87:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_84:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_83:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_31:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_79:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_14:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_15:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_99:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_72:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_99:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_84:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_23:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_38:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_98:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_34:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_67:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_17:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_96:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_78:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_97:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_71:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_65:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_05:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_44:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_96:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_08:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_70:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_62:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_52:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_74:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_82:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_56:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_10:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_41:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_75:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_07:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_19:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_16:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_03:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_66:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_94:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_80:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_61:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_51:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_18:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_92:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_75:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_26:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_18:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_47:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_87:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_97:*:x86:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_57:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_46:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_35:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_28:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_48:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_12:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_46:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_59:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_22:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_45:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_47:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_68:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_69:*:sparc:*:*:*:*:*", "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_06:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_07:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_50:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_13:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_58:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_56:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_68:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_03:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_01:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_78:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_70:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_06:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_76:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_42:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_50:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_67:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_33:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_55:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_20:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_35:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_04:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_59:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_37:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_29:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_10:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_57:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_20:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_72:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_51:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_40:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_86:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_22:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_60:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_45:*:sparc:*:*:*:*:*", "cpe:2.3:o:ubuntu:ubuntu_linux:6.06:_nil_:lts:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_81:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_21:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_25:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_80:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_17:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_58:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_91:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_54:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_77:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_49:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_73:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_98:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_14:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_15:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_95:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_09:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_09:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_25:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_38:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_63:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_64:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_95:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_01:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_88:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_28:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_54:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_66:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_63:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_11:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_43:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_32:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_34:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_48:*:x86:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_37:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_24:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_08:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_53:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_65:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_16:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_36:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_30:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_64:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_41:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_62:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_86:*:x86:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_19:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_85:*:sparc:*:*:*:*:*", "cpe:2.3:o:sun:opensolaris:snv_13:*:x86:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-08T23:38:43", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5365"], "description": "USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete, \nand only reduced the scope of the vulnerability, without fully solving \nit. This update fixes the problem.\n\nOriginal advisory details:\n\nNahuel Riva and Gerardo Richarte discovered that the DHCP server did not \ncorrectly handle certain client options. A remote attacker could send \nmalicious DHCP replies to the server and execute arbitrary code.", "edition": 5, "modified": "2007-10-23T00:00:00", "published": "2007-10-23T00:00:00", "id": "USN-531-2", "href": "https://ubuntu.com/security/notices/USN-531-2", "title": "dhcp vulnerability", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:34:25", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5365"], "description": "Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not \ncorrectly handle certain client options. A remote attacker could send \nmalicious DHCP replies to the server and execute arbitrary code.", "edition": 5, "modified": "2007-10-22T00:00:00", "published": "2007-10-22T00:00:00", "id": "USN-531-1", "href": "https://ubuntu.com/security/notices/USN-531-1", "title": "dhcp vulnerability", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-02T21:13:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of in.dhcpd libresolv and BIND9", "modified": "2017-02-20T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:855308", "href": "http://plugins.openvas.org/nasl.php?oid=855308", "type": "openvas", "title": "Solaris Update for in.dhcpd libresolv and BIND9 112837-18", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for in.dhcpd libresolv and BIND9 112837-18\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"in.dhcpd libresolv and BIND9 on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n in.dhcpd libresolv and BIND9\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855308);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:19:17 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"112837-18\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for in.dhcpd libresolv and BIND9 112837-18\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-112837-18-1\");\n\n script_summary(\"Check for the Version of in.dhcpd libresolv and BIND9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"112837-18\", package:\"SUNWdhcsu SUNWarc SUNWarcx SUNWcsl SUNWhea SUNWcslx SUNWcstlx SUNWcsu SUNWinamd SUNWcstl\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of usr/lib/inet/in.dhcpd", "modified": "2018-04-06T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:1361412562310855414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855414", "type": "openvas", "title": "Solaris Update for usr/lib/inet/in.dhcpd 138876-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for usr/lib/inet/in.dhcpd 138876-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"usr/lib/inet/in.dhcpd on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n usr/lib/inet/in.dhcpd\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855414\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"138876-01\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for usr/lib/inet/in.dhcpd 138876-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-138876-01-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of usr/lib/inet/in.dhcpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"138876-01\", package:\"SUNWdhcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of dhcp server and admin", "modified": "2018-04-06T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:1361412562310855216", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855216", "type": "openvas", "title": "Solaris Update for dhcp server and admin 109078-21", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for dhcp server and admin 109078-21\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"dhcp server and admin on solaris_5.8_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n dhcp server and admin\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855216\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:37:58 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"109078-21\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for dhcp server and admin 109078-21\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-109078-21-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of dhcp server and admin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"i386\", patch:\"109078-21\", package:\"SUNWdhcsu SUNWdhcm SUNWcsr SUNWdhcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of dhcp server and admin", "modified": "2017-02-20T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:855216", "href": "http://plugins.openvas.org/nasl.php?oid=855216", "type": "openvas", "title": "Solaris Update for dhcp server and admin 109078-21", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for dhcp server and admin 109078-21\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"dhcp server and admin on solaris_5.8_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n dhcp server and admin\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855216);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:37:58 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"109078-21\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for dhcp server and admin 109078-21\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-109078-21-1\");\n\n script_summary(\"Check for the Version of dhcp server and admin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"i386\", patch:\"109078-21\", package:\"SUNWdhcsu SUNWdhcm SUNWcsr SUNWdhcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of usr/lib/inet/in.dhcpd", "modified": "2017-02-20T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:855052", "href": "http://plugins.openvas.org/nasl.php?oid=855052", "type": "openvas", "title": "Solaris Update for usr/lib/inet/in.dhcpd 138877-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for usr/lib/inet/in.dhcpd 138877-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"usr/lib/inet/in.dhcpd on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n usr/lib/inet/in.dhcpd\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855052);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"138877-01\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for usr/lib/inet/in.dhcpd 138877-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-138877-01-1\");\n\n script_summary(\"Check for the Version of usr/lib/inet/in.dhcpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"138877-01\", package:\"SUNWdhcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "The remote host is missing an update to dhcp\nannounced via advisory DSA 1388-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:58685", "href": "http://plugins.openvas.org/nasl.php?oid=58685", "type": "openvas", "title": "Debian Security Advisory DSA 1388-1 (dhcp)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1388_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1388-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that dhcp, a DHCP server for automatic IP address assignment,\ndidn't correctly allocate space for network replies. This could potentially\nallow a malicious DHCP client to execute arbitrary code upon the DHCP server.\n\nFor the old stable distribution (sarge), this problem has been fixed in\nversion 2.0pl5-19.1sarge3.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.0pl5-19.5etch1.\n\nFor the unstable distribution (sid), this problem will be fixed shortly.\n\nWe recommend that you upgrade your dhcp package.\";\ntag_summary = \"The remote host is missing an update to dhcp\nannounced via advisory DSA 1388-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201388-1\";\n\nif(description)\n{\n script_id(58685);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-5365\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1388-1 (dhcp)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.5etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.5etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.5etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of dhcp server and admin", "modified": "2018-04-06T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:1361412562310855535", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855535", "type": "openvas", "title": "Solaris Update for dhcp server and admin 109077-21", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for dhcp server and admin 109077-21\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"dhcp server and admin on solaris_5.8_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n dhcp server and admin\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855535\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:37:58 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"109077-21\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for dhcp server and admin 109077-21\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of dhcp server and admin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", package:\"SUNWdhcsu SUNWdhcm SUNWcsr SUNWdhcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-531-2", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840181", "href": "http://plugins.openvas.org/nasl.php?oid=840181", "type": "openvas", "title": "Ubuntu Update for dhcp vulnerability USN-531-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_531_2.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for dhcp vulnerability USN-531-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete,\n and only reduced the scope of the vulnerability, without fully solving\n it. This update fixes the problem.\n\n Original advisory details:\n \n Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not\n correctly handle certain client options. A remote attacker could send\n malicious DHCP replies to the server and execute arbitrary code.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-531-2\";\ntag_affected = \"dhcp vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-531-2/\");\n script_id(840181);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"531-2\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Ubuntu Update for dhcp vulnerability USN-531-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.5ubuntu2.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.5ubuntu2.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.5ubuntu2.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.4ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.4ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.4ubuntu0.2\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5-19.4ubuntu1.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5-19.4ubuntu1.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5-19.4ubuntu1.2\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"dhcp-client\", ver:\"2.0pl5dfsg1-20ubuntu1.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp-relay\", ver:\"2.0pl5dfsg1-20ubuntu1.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"dhcp\", ver:\"2.0pl5dfsg1-20ubuntu1.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of usr/lib/inet/in.dhcpd", "modified": "2018-04-06T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:1361412562310855052", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855052", "type": "openvas", "title": "Solaris Update for usr/lib/inet/in.dhcpd 138877-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for usr/lib/inet/in.dhcpd 138877-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"usr/lib/inet/in.dhcpd on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n usr/lib/inet/in.dhcpd\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855052\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:34:39 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"138877-01\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for usr/lib/inet/in.dhcpd 138877-01\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-138877-01-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of usr/lib/inet/in.dhcpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"138877-01\", package:\"SUNWdhcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "description": "Check for the Version of dhcp server and admin", "modified": "2017-02-20T00:00:00", "published": "2009-06-03T00:00:00", "id": "OPENVAS:855535", "href": "http://plugins.openvas.org/nasl.php?oid=855535", "type": "openvas", "title": "Solaris Update for dhcp server and admin 109077-21", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for dhcp server and admin 109077-21\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"dhcp server and admin on solaris_5.8_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n dhcp server and admin\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855535);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:37:58 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"109077-21\");\n script_cve_id(\"CVE-2007-5365\");\n script_name( \"Solaris Update for dhcp server and admin 109077-21\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1\");\n\n script_summary(\"Check for the Version of dhcp server and admin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", package:\"SUNWdhcsu SUNWdhcm SUNWcsr SUNWdhcsr SUNWhea SUNWcsu\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:17:41", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5365"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1388-3 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans\nOctober 29, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : dhcp\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-5365\nDebian Bug : 446354\n\nThe patch used to correct the DHCP server buffer overflow in DSA-1388-1\nwas incomplete and did not adequately resolve the problem. This update\nto the previous advisory makes available updated packages based on a\nnewer version of the patch.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.0pl5-19.5etch2\n\nUpdates to the old stable version (sarge) are pending.\n\nWe recommend that you upgrade your dhcp packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2.dsc\n Size/MD5 checksum: 683 0b58f9e8eb121cf97c069580fe7f8d2a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2.diff.gz\n Size/MD5 checksum: 109536 e05751df16af9fef3826de1b13b19694\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5.orig.tar.gz\n Size/MD5 checksum: 294909 ab22f363a7aff924e2cc9d1019a21498\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_alpha.deb\n Size/MD5 checksum: 115986 5a3fad1441184f67ebfd259e225b8deb\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_alpha.deb\n Size/MD5 checksum: 122958 70cf5573cdb9df0ade56fd58963526f7\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_alpha.deb\n Size/MD5 checksum: 81466 59a2774d3cbf426c116cda5b37004b02\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_alpha.udeb\n Size/MD5 checksum: 53328 fc6a74bbf4ca3d11266894022967d215\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_amd64.deb\n Size/MD5 checksum: 115646 5fb5be9e0df58591e2f09984b107b6ff\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_amd64.deb\n Size/MD5 checksum: 76622 699bdea9722e30a17d893a5fdfc59b3c\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_amd64.deb\n Size/MD5 checksum: 109336 aca4a6dfbe89e12da8b5f57031c6749a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_amd64.udeb\n Size/MD5 checksum: 46762 b7ab045411264337a230c0e0547e976c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_arm.deb\n Size/MD5 checksum: 114446 e706691fe1b1da3e48556f3f3a2759dc\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_arm.udeb\n Size/MD5 checksum: 44804 a7de3008bff776bc41f57939d6baef0c\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_arm.deb\n Size/MD5 checksum: 74574 c357f51c69cacd0c5e7f746735b050ee\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_arm.deb\n Size/MD5 checksum: 107660 c0426fafa16454f4f3613b669be104b3\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_hppa.deb\n Size/MD5 checksum: 115078 77698ad1416708c1bba42286717a6a38\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_hppa.deb\n Size/MD5 checksum: 109288 ba099d48d08c7b63f17c901505069a93\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_hppa.deb\n Size/MD5 checksum: 77218 631787f11690111a20ca8e06da223955\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_hppa.udeb\n Size/MD5 checksum: 46534 e4563d516472ae7b00640c4faf63a69b\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_i386.udeb\n Size/MD5 checksum: 40922 439ee79ca28a824a3bd702e6d2a4782a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_i386.deb\n Size/MD5 checksum: 72582 ad568458d95419eae37cbc05f7df99e0\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_i386.deb\n Size/MD5 checksum: 111342 02946828ab4646c8c9d40abbb9323f10\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_i386.deb\n Size/MD5 checksum: 103662 5309abf9853a42438f3b25557e2ea72a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_ia64.deb\n Size/MD5 checksum: 135918 1130320929adbd7b5f6bbbdbe7ea8cf4\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_ia64.deb\n Size/MD5 checksum: 142464 88880a0d9631738e8d50d88725405f2a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_ia64.udeb\n Size/MD5 checksum: 72360 4c6b9e4ed5a2b908818f2bdc047302f1\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_ia64.deb\n Size/MD5 checksum: 92714 6b45e56a178149eb662b3ace829f4d1a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_mips.deb\n Size/MD5 checksum: 112086 f3eefe99badef8981c197191cfa7ad39\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_mips.deb\n Size/MD5 checksum: 118180 bc2b4fcd3d3a7df0ece598e4a0c72ea4\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_mips.udeb\n Size/MD5 checksum: 49302 0a4a229e0e066b8d9fecc75125385899\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_mips.deb\n Size/MD5 checksum: 78638 a588b355c89a2f5bbd893aaf938740c8\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_mipsel.deb\n Size/MD5 checksum: 117674 a39185fab632a03793efe3396311f350\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_mipsel.udeb\n Size/MD5 checksum: 48770 42c311ba6c2052abdddf6c2e6b7aa16a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_mipsel.deb\n Size/MD5 checksum: 111554 86440305699bfed9cd6cd0721b5c032c\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_mipsel.deb\n Size/MD5 checksum: 78272 95b3aff8d41ea810ee4d4b1bb75c9eed\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_powerpc.deb\n Size/MD5 checksum: 74674 f3377454115baffb9450fb0a0bb51d0f\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_powerpc.deb\n Size/MD5 checksum: 105862 4b75aabdc533969677988dbc4bd8e59e\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_powerpc.udeb\n Size/MD5 checksum: 43066 2edba1128225890a6792f2eecee00058\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_powerpc.deb\n Size/MD5 checksum: 112228 a60c4734706546a47127c11765f1d9bf\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_s390.udeb\n Size/MD5 checksum: 53540 8a063f95dd410c93e6b5fe10e091fdc2\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_s390.deb\n Size/MD5 checksum: 121934 d5ae65fdd1254df11d692051753efcc8\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_s390.deb\n Size/MD5 checksum: 116260 29bf7983a2226601124ee0da48072aa2\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_s390.deb\n Size/MD5 checksum: 80346 fe7c1452e141fc20d16653b857d6ec69\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch2_sparc.deb\n Size/MD5 checksum: 75060 e8e5a86e2e608771e36755b0f443df83\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch2_sparc.deb\n Size/MD5 checksum: 112946 cd73de6703a63dc321cf788bab64d52d\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch2_sparc.deb\n Size/MD5 checksum: 106534 c777f24901a5bdb9db29c3a82da401d8\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch2_sparc.udeb\n Size/MD5 checksum: 43554 516673e6c0d38126058807dbbdf81fe7\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2007-10-29T00:00:00", "published": "2007-10-29T00:00:00", "id": "DEBIAN:DSA-1388-3:282B7", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00174.html", "title": "[SECURITY] [DSA 1388-3] New dhcp packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:27:23", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5365"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA 1388-1 security@debian.org\nhttp://www.debian.org/security/ Steve Kemp\nOctober 18th, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : dhcp\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-5365\nDebian Bug : 446354\n\nIt was discovered that dhcp, a DHCP server for automatic IP address assignment,\ndidn't correctly allocate space for network replies. This could potentially\nallow a malicious DHCP client to execute arbitary code upon the DHCP server.\n\nFor the old stable distribution (sarge), this problem has been fixed in\nversion 2.0pl5-19.1sarge3.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.0pl5-19.5etch1.\n\nFor the unstable distribution (sid), this problem will be fixed shortly.\n\nWe recommend that you upgrade your dhcp package.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3.diff.gz\n Size/MD5 checksum: 86946 9a8f4a8219d0df0ea8d00a766afb1cb3\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3.dsc\n Size/MD5 checksum: 687 22ac1bac4dbdd4bb034921b496eb7ad8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_alpha.udeb\n Size/MD5 checksum: 53920 bdcdd8fe476006baff32bba6797ce8f6\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_alpha.deb\n Size/MD5 checksum: 80140 e2a2bea48927595e106b4f1261107e0b\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_alpha.deb\n Size/MD5 checksum: 122328 d6090dcc6f6ea0dd216723fe67495485\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_alpha.deb\n Size/MD5 checksum: 115802 b9e74f333e37f9cb54b417f436eb3ef7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_amd64.deb\n Size/MD5 checksum: 108782 e2c5b850e6d2cfaeee28e8a0cea6e978\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_amd64.deb\n Size/MD5 checksum: 76042 4482f2e622739b61bb36fa5709b7ba97\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_amd64.deb\n Size/MD5 checksum: 116080 c3be5b81038f5f29ccf50726fb111cfc\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_amd64.udeb\n Size/MD5 checksum: 47164 34edcdd4ec9571f151dd7ba763967fa2\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_arm.deb\n Size/MD5 checksum: 113770 046155a2ebcaeff5177fa053acbf38b9\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_arm.udeb\n Size/MD5 checksum: 45586 e167fa982d418f5139d0acada21e582d\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_arm.deb\n Size/MD5 checksum: 73770 46378f1b6fd06f3861cea60854847f68\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_arm.deb\n Size/MD5 checksum: 106770 c1c4485c8c2cf462c532fae2a59805ab\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_i386.deb\n Size/MD5 checksum: 102632 c536a455a338b39df9e422f8014aee5c\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_i386.deb\n Size/MD5 checksum: 71246 e83e575491184c6e43311cbb9a3b7c76\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_i386.udeb\n Size/MD5 checksum: 40786 0521d5a40275999472be2c6adea13dcd\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_i386.deb\n Size/MD5 checksum: 108930 fc742b760b3130fc35fbdca1b543e9ab\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_ia64.udeb\n Size/MD5 checksum: 74626 02a39276494c2c4d574450c84b9d308e\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_ia64.deb\n Size/MD5 checksum: 144928 8bc8479e568cdea075d4b0cf198e8592\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_ia64.deb\n Size/MD5 checksum: 137028 4b5da9ec5ec04878824ad502dd403c75\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_ia64.deb\n Size/MD5 checksum: 93024 35b3637bcd1e85aa83210ce8c57954bb\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_mips.deb\n Size/MD5 checksum: 118660 1e023c911ba9fe95c5c6fcf7fbf7534f\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_mips.deb\n Size/MD5 checksum: 78120 5fb2f640d4851d9070c3a78cd53f5c53\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_mips.deb\n Size/MD5 checksum: 111706 a9a34701ec8a1a8f28213f7489b54bca\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_mips.udeb\n Size/MD5 checksum: 49782 81e2aac3e0696cbd0c64ddd96f06d199\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_mipsel.udeb\n Size/MD5 checksum: 49280 7f50fa3fa7c991891da6e7ae7efc3370\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_mipsel.deb\n Size/MD5 checksum: 118208 6945230b5dd6efea120965f2d66118a2\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_mipsel.deb\n Size/MD5 checksum: 111190 7cc6ecd13ffb3b4a39bca4e4982bf949\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_mipsel.deb\n Size/MD5 checksum: 77768 2fa6c11b6337476fe541b15280ae8779\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_powerpc.deb\n Size/MD5 checksum: 105510 9051fb4c2181d6d28c6792ebe3a3af10\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_powerpc.deb\n Size/MD5 checksum: 74052 84cdc573f9c8984c6ab6d02a05fec788\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_powerpc.deb\n Size/MD5 checksum: 112628 a73367fb674a2ae7765104c8de13d20a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_powerpc.udeb\n Size/MD5 checksum: 43664 527a530ca9cd96c950f5523b3a6c8266\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_s390.deb\n Size/MD5 checksum: 116646 63e5b231b68432751b50436f11e811d1\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_s390.deb\n Size/MD5 checksum: 76934 c7c11f2d6601a829b9b079fe88c334a2\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_s390.udeb\n Size/MD5 checksum: 47418 f5c49d1da85b38f1abe02891c5493d5d\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_s390.deb\n Size/MD5 checksum: 109474 51f1f614fc3268ded7bb684ebb3c786a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.1sarge3_sparc.udeb\n Size/MD5 checksum: 44558 6ab09f9aa20761f84349720bda2f4494\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.1sarge3_sparc.deb\n Size/MD5 checksum: 74962 60245972bc1f89283683898d04a5758f\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.1sarge3_sparc.deb\n Size/MD5 checksum: 106514 1a50f0a1c91d0fc88a33683aa8389f53\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.1sarge3_sparc.deb\n Size/MD5 checksum: 113918 697615095fa33aacd5dabb822e296247\n\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1.dsc\n Size/MD5 checksum: 683 07a1aaa5663007a56b3930bdf843a8a4\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1.diff.gz\n Size/MD5 checksum: 108226 a44eace486ab768b3b73d22a9a64aa35\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_alpha.deb\n Size/MD5 checksum: 115856 083e20878c77216dde01215d26d36714\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_alpha.deb\n Size/MD5 checksum: 81340 e9e129b291a94631115cc51e2f23c0b8\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_alpha.udeb\n Size/MD5 checksum: 53334 a9af65ac152764ca3907e9a2ab447832\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_alpha.deb\n Size/MD5 checksum: 122824 1e874fefa911a48a307ce9e4ba3bad7e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_amd64.deb\n Size/MD5 checksum: 109188 afb0a5fac336ee590b529d229c134c37\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_amd64.deb\n Size/MD5 checksum: 76090 5920da74cbbc629f67648da42bd5ac26\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_amd64.udeb\n Size/MD5 checksum: 46720 460339f23ec8fc589262e47b4d476e6b\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_amd64.deb\n Size/MD5 checksum: 115762 e37484724dc8cc62279331552136b16b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_arm.deb\n Size/MD5 checksum: 107522 6e4eea9ae761fb2b8ce42c5cb6d1d85a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_arm.deb\n Size/MD5 checksum: 74440 c5f56b9f45470bebe91ff5fa9c977aba\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_arm.udeb\n Size/MD5 checksum: 44824 738c4cfeea56e8a63f95de38c99c9ea3\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_arm.deb\n Size/MD5 checksum: 114324 86dd3f90a7f00f7f5d5dca2a5bb3a893\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_hppa.deb\n Size/MD5 checksum: 109138 f933b19d933da11a0c0f32c1d7ea6457\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_hppa.deb\n Size/MD5 checksum: 114938 a92ed2ab2708b5f33471726c2b870e45\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_hppa.udeb\n Size/MD5 checksum: 46540 7afafeaa053be9aefd5d53ef8f9016db\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_hppa.deb\n Size/MD5 checksum: 77078 53dce263c2d97546605a4eab6feff7d1\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_i386.deb\n Size/MD5 checksum: 72792 584673523ebe264542c874bb8cd50dc1\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_i386.deb\n Size/MD5 checksum: 111048 9a958d55894300d767d5e7218c0908a2\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_i386.deb\n Size/MD5 checksum: 103460 c96cc449b6711f16c77e7327db8203bd\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_i386.udeb\n Size/MD5 checksum: 40918 a1ad2f247b1618996e1bc77251e33a6c\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_ia64.deb\n Size/MD5 checksum: 142308 cabeaa01a24205a6ca680918fcda0aa6\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_ia64.deb\n Size/MD5 checksum: 135772 c6acdfcafa2c47d3c03c7678b169e2d5\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_ia64.deb\n Size/MD5 checksum: 92586 13ba7f368b30ba3961b0673f2cd9139d\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_ia64.udeb\n Size/MD5 checksum: 72358 d5e35b607512e7bfd741a4bba11e61ca\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_mips.deb\n Size/MD5 checksum: 111944 85fa22ee6cbe26d7f6334c84b396c7fc\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_mips.deb\n Size/MD5 checksum: 118028 aa19adfe80326fa9ec472bc322b980ed\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_mips.udeb\n Size/MD5 checksum: 49300 3135e946aa399647f1f10a9156fc4ea1\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_mips.deb\n Size/MD5 checksum: 78496 64d1d7a727b09e2a4bc8c62d645cf328\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_mipsel.udeb\n Size/MD5 checksum: 48778 4d3fcc007909a033d1ee4b896a86a37f\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_mipsel.deb\n Size/MD5 checksum: 78148 45e111fd9a682f0a8a6650f910df2a96\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_mipsel.deb\n Size/MD5 checksum: 117516 65a9131fd1f0b9a8fc281c23f73135bb\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_mipsel.deb\n Size/MD5 checksum: 111432 ec3a493b1361b27e5eb6291bb342c836\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_powerpc.udeb\n Size/MD5 checksum: 43064 959561fcba2b19a726531003f58bc513\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_powerpc.deb\n Size/MD5 checksum: 112110 9e4185353c3b1fc0245c81cada9f54a9\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_powerpc.deb\n Size/MD5 checksum: 105748 b4326a4b51e847ee38985225643545f0\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_powerpc.deb\n Size/MD5 checksum: 74526 27dc981e31b48c01bb01d31625f63b78\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_s390.deb\n Size/MD5 checksum: 116122 6695ab7f9ba8a6b9e9450c5ccdbff0b0\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_s390.udeb\n Size/MD5 checksum: 53522 c0051f2a6080d62b9c0c16901145648e\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_s390.deb\n Size/MD5 checksum: 121790 2d735b968013a97ea10be8b1e1a7e00a\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_s390.deb\n Size/MD5 checksum: 80214 1266926c11aca9a4b79fc05f4e32c8bd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client-udeb_2.0pl5-19.5etch1_sparc.udeb\n Size/MD5 checksum: 43556 5f8aa11c612691d5333dcff69ed22148\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-client_2.0pl5-19.5etch1_sparc.deb\n Size/MD5 checksum: 106388 b4e9a9291d7057edfa0f2622e6eae727\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp_2.0pl5-19.5etch1_sparc.deb\n Size/MD5 checksum: 112822 23ec796a6e7794c73b397391f5245f35\n http://security.debian.org/pool/updates/main/d/dhcp/dhcp-relay_2.0pl5-19.5etch1_sparc.deb\n Size/MD5 checksum: 74926 3bfb54f34d1a4807fe3ed62fe30bd3e9\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- --------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2007-10-18T00:00:00", "published": "2007-10-18T00:00:00", "id": "DEBIAN:DSA-1388-1:538AA", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00163.html", "title": "[SECURITY] [DSA 1388-1] New dhcp packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:52", "description": "\nUbuntu 6.06 - DHCPd Remote Denial of Service", "edition": 1, "published": "2007-11-02T00:00:00", "title": "Ubuntu 6.06 - DHCPd Remote Denial of Service", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5365"], "modified": "2007-11-02T00:00:00", "id": "EXPLOITPACK:4B78C6BEF4CEAF939CD1DAF654D5C6C6", "href": "", "sourceData": "Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit\nAuthor: RoMaNSoFt <roman@rs-labs.com>\n\nExploit-DB Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/4601.tgz (1022007-DoS-CVE-2007-5365.tgz)\n\n# milw0rm.com [2007-11-02]", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T21:21:00", "description": "BUGTRAQ ID: 32213\r\nCVE(CAN) ID: CVE-2007-5365\r\n\r\nSolaris\u662f\u4e00\u6b3e\u7531Sun\u5f00\u53d1\u548c\u7ef4\u62a4\u7684\u5546\u4e1a\u6027\u8d28UNIX\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nSolaris\u7684DHCP\u670d\u52a1\u5668\uff08in.dhcpd(1M)\uff09\u5904\u7406DHCP\u8bf7\u6c42\u4e2d\u7684\u5b89\u5168\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u8fdc\u7a0b\u975e\u7279\u6743\u7528\u6237\u6740\u6b7bDHCP\u670d\u52a1\u8fdb\u7a0b\uff08\u62d2\u7edd\u670d\u52a1\uff09\u6216\u4ee5root\u7528\u6237\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\n\nSun Solaris 9.0_x86\r\nSun Solaris 9.0\r\nSun Solaris 8.0_x86\r\nSun Solaris 8.0\r\nSun Solaris 10.0_x86\r\nSun Solaris 10.0\r\nSun OpenSolaris snv_01 - snv_102\n Sun\r\n---\r\nSun\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08Sun-Alert-243806\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nSun-Alert-243806\uff1aSecurity Vulnerabilities in DHCP Handling of DHCP Requests May Allow Remote Users to Execute Arbitrary Code or Cause a Denial of the DHCP Service\r\n\u94fe\u63a5\uff1a<a href=http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-243806-1 target=_blank>http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-243806-1</a>", "published": "2008-11-14T00:00:00", "title": "Sun Solaris DHCP\u8bf7\u6c42\u5904\u7406\u62d2\u7edd\u670d\u52a1\u53ca\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5365"], "modified": "2008-11-14T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4449", "id": "SSV:4449", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T21:55:43", "description": "No description provided by source.", "published": "2007-11-03T00:00:00", "type": "seebug", "title": "Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5365"], "modified": "2007-11-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-7446", "id": "SSV:7446", "sourceData": "\n Ubuntu\u00a06.06\u00a0DHCPd\u00a0bug\u00a0Remote\u00a0Denial\u00a0of\u00a0Service\u00a0Exploit\r\nAuthor:\u00a0RoMaNSoFt\u00a0<roman@rs-labs.com>\r\n\r\nhttp://sebug.net/paper/poc/11022007-DoS-CVE-2007-5365.tgz\r\n\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-7446", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T21:21:18", "description": "CVE ID\uff1aCVE-2007-5365\r\nSun Solaris\u662f\u4e00\u6b3e\u5546\u4e1a\u6027\u8d28\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\nSun Solaris\u5904\u7406DHCP\u8bf7\u6c42\u5b58\u5728\u95ee\u9898\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5bf9\u7cfb\u7edf\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n-\u5904\u7406DHCP\u8bf7\u6c42\u65f6in.dhcpd\u5b58\u5728\u8fb9\u754c\u9519\u8bef\uff0c\u53ef\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\r\n-\u5904\u7406DHCP\u8bf7\u6c42\u65f6in.dhcpd\u5b58\u5728\u4e00\u4e2a\u672a\u660e\u9519\u8bef\uff0c\u53ef\u5bfc\u81f4DHCP\u670d\u52a1\u5668\u5b88\u62a4\u7a0b\u5e8f\u5d29\u6e83\u6216\u4ee5root\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nSun Solaris 10\r\nSun Solaris 8\r\nSun Solaris 9\n \u53ef\u53c2\u8003\u5982\u4e0b\u8865\u4e01\uff1a\r\n-- SPARC Platform --\r\nSolaris 8:\r\n<a href=http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-109077-21-1 target=_blank>http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-109077-21-1</a>\r\nSolaris 9:\r\n<a href=http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-112837-16-1 target=_blank>http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-112837-16-1</a>\r\nSolaris 10:\r\n<a href=http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-138876-01-1 target=_blank>http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-138876-01-1</a>\r\nOpenSolaris:\r\n\u5728builds snv_103\u53ca\u4e4b\u540e\u7248\u672c\u5f97\u5230\u4fee\u8865.\r\n-- x86 Platform --\r\nSolaris 8:\r\n<a href=http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-109078-21-1 target=_blank>http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-109078-21-1</a>\r\nSolaris 9:\r\n<a href=http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-114265-15-1 target=_blank>http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-114265-15-1</a>\r\nSolaris 10:\r\n<a href=http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-138877-01-1 target=_blank>http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-138877-01-1</a>\r\nOpenSolaris:\r\n\u5728builds snv_103\u53ca\u4e4b\u540e\u7248\u672c\u5f97\u5230\u4fee\u8865.", "published": "2008-11-12T00:00:00", "title": "Sun Solaris DHCP\u8bf7\u6c42\u5904\u7406\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5365"], "modified": "2008-11-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4436", "id": "SSV:4436", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "nessus": [{"lastseen": "2021-01-17T14:00:31", "description": "SunOS 5.10: usr/lib/inet/in.dhcpd patch.\nDate this patch was last updated by Sun : Nov/06/08", "edition": 21, "published": "2018-03-12T00:00:00", "title": "Solaris 10 (sparc) : 138876-01", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "modified": "2018-03-12T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:138876", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_138876-01.NASL", "href": "https://www.tenable.com/plugins/nessus/107508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107508);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5365\");\n\n script_name(english:\"Solaris 10 (sparc) : 138876-01\");\n script_summary(english:\"Check for patch 138876-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 138876-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: usr/lib/inet/in.dhcpd patch.\nDate this patch was last updated by Sun : Nov/06/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/138876-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 138876-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:138876\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"138876-01\", obsoleted_by:\"148309-03 \", package:\"SUNWdhcsu\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWdhcsu\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:00:43", "description": "SunOS 5.10_x86: usr/lib/inet/in.dhcpd patc.\nDate this patch was last updated by Sun : Nov/06/08", "edition": 21, "published": "2018-03-12T00:00:00", "title": "Solaris 10 (x86) : 138877-01", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365"], "modified": "2018-03-12T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:138877", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_138877-01.NASL", "href": "https://www.tenable.com/plugins/nessus/108006", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108006);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5365\");\n\n script_name(english:\"Solaris 10 (x86) : 138877-01\");\n script_summary(english:\"Check for patch 138877-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 138877-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: usr/lib/inet/in.dhcpd patc.\nDate this patch was last updated by Sun : Nov/06/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/138877-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 138877-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:138877\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"138877-01\", obsoleted_by:\"148310-03 \", package:\"SUNWdhcsu\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWdhcsu\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:54", "description": "An updated dhcp package that corrects a security flaw is now available\nfor Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe dhcp package provides the ISC Dynamic Host Configuration Protocol\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\ndevices to get their own network configuration information from a\nserver.\n\nA bug was found in the way dhcpd validates certain DHCP protocol\noptions. A malicious DHCP client could send a carefully crafted DHCP\nrequest and cause dhcpd to crash or possibly execute arbitrary code.\n(CVE-2007-5365)\n\nAll users of dhcp should upgrade to this updated package, which\ncontains a backported patch that resolves this issue.", "edition": 27, "published": "2007-10-25T00:00:00", "title": "RHEL 2.1 : dhcp (RHSA-2007:0970)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365", "CVE-2007-0063"], "modified": "2007-10-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:dhcp"], "id": "REDHAT-RHSA-2007-0970.NASL", "href": "https://www.tenable.com/plugins/nessus/27566", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0970. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27566);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0063\", \"CVE-2007-5365\");\n script_xref(name:\"RHSA\", value:\"2007:0970\");\n\n script_name(english:\"RHEL 2.1 : dhcp (RHSA-2007:0970)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated dhcp package that corrects a security flaw is now available\nfor Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe dhcp package provides the ISC Dynamic Host Configuration Protocol\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\ndevices to get their own network configuration information from a\nserver.\n\nA bug was found in the way dhcpd validates certain DHCP protocol\noptions. A malicious DHCP client could send a carefully crafted DHCP\nrequest and cause dhcpd to crash or possibly execute arbitrary code.\n(CVE-2007-5365)\n\nAll users of dhcp should upgrade to this updated package, which\ncontains a backported patch that resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-0063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0970\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0970\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"dhcp-2.0pl5-11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:01:22", "description": "SunOS 5.8: dhcp server and admin patch.\nDate this patch was last updated by Sun : Nov/06/08", "edition": 21, "published": "2004-07-12T00:00:00", "title": "Solaris 8 (sparc) : 109077-21", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365", "CVE-2008-5010"], "modified": "2004-07-12T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS8_109077.NASL", "href": "https://www.tenable.com/plugins/nessus/13310", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(13310);\n script_version(\"1.39\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5365\", \"CVE-2008-5010\");\n\n script_name(english:\"Solaris 8 (sparc) : 109077-21\");\n script_summary(english:\"Check for patch 109077-21\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 109077-21\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.8: dhcp server and admin patch.\nDate this patch was last updated by Sun : Nov/06/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/109077-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", obsoleted_by:\"\", package:\"SUNWhea\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", obsoleted_by:\"\", package:\"SUNWdhcsu\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", obsoleted_by:\"\", package:\"SUNWdhcm\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", obsoleted_by:\"\", package:\"SUNWdhcsr\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", obsoleted_by:\"\", package:\"SUNWcsu\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"109077-21\", obsoleted_by:\"\", package:\"SUNWcsr\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:05", "description": "Nahuel Riva and Gerardo Richarte discovered that the DHCP server did\nnot correctly handle certain client options. A remote attacker could\nsend malicious DHCP replies to the server and execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : dhcp vulnerability (USN-531-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365", "CVE-2008-5010"], "modified": "2007-11-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:dhcp-relay", "p-cpe:/a:canonical:ubuntu_linux:dhcp", "p-cpe:/a:canonical:ubuntu_linux:dhcp-client", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-531-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-531-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28136);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-5365\", \"CVE-2008-5010\");\n script_xref(name:\"USN\", value:\"531-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : dhcp vulnerability (USN-531-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nahuel Riva and Gerardo Richarte discovered that the DHCP server did\nnot correctly handle certain client options. A remote attacker could\nsend malicious DHCP replies to the server and execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/531-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dhcp, dhcp-client and / or dhcp-relay packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp\", pkgver:\"2.0pl5-19.4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5-19.4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5-19.4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dhcp\", pkgver:\"2.0pl5-19.4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5-19.4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5-19.4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dhcp\", pkgver:\"2.0pl5-19.5ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5-19.5ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5-19.5ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"dhcp\", pkgver:\"2.0pl5dfsg1-20ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5dfsg1-20ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5dfsg1-20ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp / dhcp-client / dhcp-relay\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:05", "description": "USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete,\nand only reduced the scope of the vulnerability, without fully solving\nit. This update fixes the problem.\n\nNahuel Riva and Gerardo Richarte discovered that the DHCP server did\nnot correctly handle certain client options. A remote attacker could\nsend malicious DHCP replies to the server and execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : dhcp vulnerability (USN-531-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365", "CVE-2008-5010"], "modified": "2007-11-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:dhcp-relay", "p-cpe:/a:canonical:ubuntu_linux:dhcp", "p-cpe:/a:canonical:ubuntu_linux:dhcp-client", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-531-2.NASL", "href": "https://www.tenable.com/plugins/nessus/28137", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-531-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28137);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-5365\", \"CVE-2008-5010\");\n script_xref(name:\"USN\", value:\"531-2\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : dhcp vulnerability (USN-531-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete,\nand only reduced the scope of the vulnerability, without fully solving\nit. This update fixes the problem.\n\nNahuel Riva and Gerardo Richarte discovered that the DHCP server did\nnot correctly handle certain client options. A remote attacker could\nsend malicious DHCP replies to the server and execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/531-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected dhcp, dhcp-client and / or dhcp-relay packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dhcp-relay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp\", pkgver:\"2.0pl5-19.4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5-19.4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5-19.4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dhcp\", pkgver:\"2.0pl5-19.4ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5-19.4ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5-19.4ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dhcp\", pkgver:\"2.0pl5-19.5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5-19.5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5-19.5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"dhcp\", pkgver:\"2.0pl5dfsg1-20ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"dhcp-client\", pkgver:\"2.0pl5dfsg1-20ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"dhcp-relay\", pkgver:\"2.0pl5dfsg1-20ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp / dhcp-client / dhcp-relay\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:44:51", "description": "The patch used to correct the DHCP server buffer overflow in\nDSA-1388-1 was incomplete and did not adequately resolve the problem.\nThis update to the previous advisory makes updated packages based on a\nnewer version of the patch available.\n\nFor completeness, please find below the original advisory :\n\nIt was discovered that dhcp, a DHCP server for automatic IP address\nassignment, didn't correctly allocate space for network replies. This\ncould potentially allow a malicious DHCP client to execute arbitrary\ncode upon the DHCP server.", "edition": 28, "published": "2007-10-19T00:00:00", "title": "Debian DSA-1388-3 : dhcp - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5365", "CVE-2008-5010"], "modified": "2007-10-19T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dhcp", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1388.NASL", "href": "https://www.tenable.com/plugins/nessus/27515", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1388. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27515);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-5365\", \"CVE-2008-5010\");\n script_xref(name:\"DSA\", value:\"1388\");\n\n script_name(english:\"Debian DSA-1388-3 : dhcp - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The patch used to correct the DHCP server buffer overflow in\nDSA-1388-1 was incomplete and did not adequately resolve the problem.\nThis update to the previous advisory makes updated packages based on a\nnewer version of the patch available.\n\nFor completeness, please find below the original advisory :\n\nIt was discovered that dhcp, a DHCP server for automatic IP address\nassignment, didn't correctly allocate space for network replies. This\ncould potentially allow a malicious DHCP client to execute arbitrary\ncode upon the DHCP server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1388\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the dhcp packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.0pl5-19.5etch2.\n\nUpdates to the old stable version (sarge) are pending.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"dhcp\", reference:\"2.0pl5-19.5etch2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dhcp-client\", reference:\"2.0pl5-19.5etch2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dhcp-relay\", reference:\"2.0pl5-19.5etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp\", reference:\"2.0pl5-19.5etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp-client\", reference:\"2.0pl5-19.5etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"dhcp-relay\", reference:\"2.0pl5-19.5etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0063", "CVE-2007-5365"], "description": "The dhcp package provides the ISC Dynamic Host Configuration Protocol\r\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\r\ndevices to get their own network configuration information from a server.\r\n\r\nA bug was found in the way dhcpd validates certain DHCP protocol options. \r\nA malicious DHCP client could send a carefully crafted DHCP request and cause\r\ndhcpd to crash or possibly execute arbitrary code. (CVE-2007-5365)\r\n\r\nAll users of dhcp should upgrade to this updated package, which contains a\r\nbackported patch that resolves this issue.", "modified": "2018-03-14T19:27:12", "published": "2007-10-23T04:00:00", "id": "RHSA-2007:0970", "href": "https://access.redhat.com/errata/RHSA-2007:0970", "type": "redhat", "title": "(RHSA-2007:0970) Important: dhcp security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:25:21", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5365", "CVE-2007-0063"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0970-01\n\n\nThe dhcp package provides the ISC Dynamic Host Configuration Protocol\r\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\r\ndevices to get their own network configuration information from a server.\r\n\r\nA bug was found in the way dhcpd validates certain DHCP protocol options. \r\nA malicious DHCP client could send a carefully crafted DHCP request and cause\r\ndhcpd to crash or possibly execute arbitrary code. (CVE-2007-5365)\r\n\r\nAll users of dhcp should upgrade to this updated package, which contains a\r\nbackported patch that resolves this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-October/026375.html\n\n**Affected packages:**\ndhcp\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2007-10-23T23:27:07", "published": "2007-10-23T23:27:07", "href": "http://lists.centos.org/pipermail/centos-announce/2007-October/026375.html", "id": "CESA-2007:0970-01", "title": "dhcp security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-01-31T21:19:07", "description": "Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit. CVE-2007-5365,CVE-2008-5010. Dos exploits for multiple platform", "published": "2007-11-02T00:00:00", "type": "exploitdb", "title": "Ubuntu 6.06 DHCPd - Remote Denial of Service Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-5365", "CVE-2008-5010"], "modified": "2007-11-02T00:00:00", "id": "EDB-ID:4601", "href": "https://www.exploit-db.com/exploits/4601/", "sourceData": "Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit\r\nAuthor: RoMaNSoFt <roman@rs-labs.com>\r\n\r\nExploit-DB mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/4601.tgz (1022007-DoS-CVE-2007-5365.tgz)\r\n\r\n# milw0rm.com [2007-11-02]\r\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/4601/"}], "securityvulns": [{"lastseen": "2018-08-31T11:09:27", "bulletinFamily": "software", "cvelist": ["CVE-2007-5365", "CVE-2007-0063"], "description": "Integer overflow with "maximum message size" option leads to buffer overflow.", "edition": 1, "modified": "2007-11-05T00:00:00", "published": "2007-11-05T00:00:00", "id": "SECURITYVULNS:VULN:8244", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8244", "title": "OpenBSD DHCP server buffer overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
