Lucene search
OracleLinuxELSA-2019-2060HistoryAug 13, 2019 - 12:00 a.m.
dhcp security and bug fix update
2019-08-1300:00:00
linux.oracle.com
47
7.5 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
[12:4.2.5-77.0.1]
- Direct users to Oracle Linux support site.
[12:4.2.5-77] - Resolves: #1712414 - Reset signal handlers set by isclib
[12:4.2.5-76] - Resolves: #1704675 - Fix crash of dhcpd(6) triggered by bind rebase
[12:4.2.5-75] - Resolves: #1672308 - Do not restart dhcp on NetworkManagers up events
[12:4.2.5-74] - Use bind-export-libs package instead of bind99
- Use isc-config.sh to configure bind libs
- Change requirement to bind-export-devel
- Compile with recent bind includes, that does not include isc/util.h
[12:4.2.5-73] - Resolves: #1635181
- Change default ipv6 prefix to /128.
- Allow its customization via cl option
[12:4.2.5-72] - Resolves: #1647784 - Update renew time if it is greater than expiry
[12:4.2.5-71] - Resolves: #1623792 - Load leases file in tracing mode only
[12:4.2.5-70] - Resolves: #1574292 - Fix options conflict for ddns update
[12:4.2.5-69] - Resolves: #1570895 - Fix command execution vulnerability (CVE-2018-1111)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | dhcp | < 4.2.5-77.0.1.el7 | dhcp-4.2.5-77.0.1.el7.src.rpm |
| oracle linux | 7 | aarch64 | dhclient | < 4.2.5-77.0.1.el7 | dhclient-4.2.5-77.0.1.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | dhcp | < 4.2.5-77.0.1.el7 | dhcp-4.2.5-77.0.1.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | dhcp-common | < 4.2.5-77.0.1.el7 | dhcp-common-4.2.5-77.0.1.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | dhcp-devel | < 4.2.5-77.0.1.el7 | dhcp-devel-4.2.5-77.0.1.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | dhcp-libs | < 4.2.5-77.0.1.el7 | dhcp-libs-4.2.5-77.0.1.el7.aarch64.rpm |
| oracle linux | 7 | src | dhcp | < 4.2.5-77.0.1.el7 | dhcp-4.2.5-77.0.1.el7.src.rpm |
| oracle linux | 7 | x86_64 | dhclient | < 4.2.5-77.0.1.el7 | dhclient-4.2.5-77.0.1.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | dhcp | < 4.2.5-77.0.1.el7 | dhcp-4.2.5-77.0.1.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | dhcp-common | < 4.2.5-77.0.1.el7 | dhcp-common-4.2.5-77.0.1.el7.x86_64.rpm |
Related
redhatcve
redhatcve
CVE-2019-6470
2019-05-10 13:20:13
CVE-2018-1111
2019-10-10 06:14:07
nessus
nessus
openSUSE Security Update : dhcp (openSUSE-2019-2340)
2019-10-21 00:00:00
SUSE SLES12 Security Update : dhcp (SUSE-SU-2019:2727-2)
2019-11-13 00:00:00
openSUSE Security Update : dhcp (openSUSE-2019-2341)
2019-10-21 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2657-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-1826)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2019-2137)
2020-01-23 00:00:00
amazon
amazon
ubuntucve
ubuntucve
CVE-2019-6470
2019-05-03 00:00:00
prion
prion
Code injection
2019-11-01 23:15:00
Command injection
2018-05-17 16:29:00
ubuntu
ubuntu
DHCP vulnerability
2019-05-13 00:00:00
debiancve
debiancve
CVE-2019-6470
2019-11-01 23:15:00
alpinelinux
alpinelinux
CVE-2019-6470
2019-11-01 23:15:00
veracode
veracode
Denial Of Service (Dos)
2019-08-08 00:07:17
Arbitrary Command Execution
2019-01-15 09:22:09
suse
suse
Security update for dhcp (moderate)
2019-10-20 00:00:00
Security update for dhcp (moderate)
2019-10-20 00:00:00
cve
cve
CVE-2019-6470
2019-11-01 23:15:00
CVE-2018-1111
2018-05-17 16:29:00
centos
centos
dhclient, dhcp security update
2019-08-30 02:41:23
dhclient, dhcp security update
2018-05-15 15:51:39
dhclient, dhcp security update
2018-05-15 17:32:34
oraclelinux
oraclelinux
dhcp security and bug fix update
2019-11-14 00:00:00
dhcp security update
2018-05-15 00:00:00
dhcp security update
2018-05-15 00:00:00
osv
osv
CVE-2019-6470
2019-11-01 23:15:10
f5
f5
K39573942 : DHCP vulnerability CVE-2019-6470
2019-09-04 00:00:00
K32541890 : DHCP Client Script Code Execution vulnerability CVE-2018-1111
2018-05-25 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-6470 affecting package bind 9.16.37-2
2021-05-16 16:46:11
CVE-2019-6470 affecting package bind 9.16.48-1
2022-04-09 06:51:52
CVE-2019-6470 affecting package bind 9.19.21-1
2024-03-19 17:21:46
redhat
redhat
(RHSA-2019:2060) Moderate: dhcp security and bug fix update
2019-08-06 07:56:37
(RHSA-2019:3525) Moderate: dhcp security and bug fix update
2019-11-05 17:56:03
(RHSA-2018:1457) Critical: dhcp security update
2018-05-15 12:14:55
fedora
fedora
[SECURITY] Fedora 26 Update: dhcp-4.3.5-11.fc26
2018-05-16 13:13:51
[SECURITY] Fedora 28 Update: dhcp-4.3.6-20.fc28
2018-05-15 14:48:04
[SECURITY] Fedora 27 Update: dhcp-4.3.6-10.fc27
2018-05-15 15:28:58
metasploit
metasploit
DHCP Client Command Injection (DynoRoot)
2018-05-18 16:47:08
checkpoint_advisories
checkpoint_advisories
Red Hat Linux DHCP Client Command Injection (CVE-2018-1111)
2018-05-21 00:00:00
Red Hat NetworkManager DHCP Command Injection (CVE-2018-1111)
2019-01-14 00:00:00
packetstorm
packetstorm
DHCP Client Command Injection (DynoRoot)
2018-06-12 00:00:00
DynoRoot DHCP Command Injection
2018-05-18 00:00:00
zdt
zdt
DHCP Client - Command Injection (DynoRoot) Exploit
2018-06-13 00:00:00
DynoRoot DHCP - Client Command Injection Exploit
2018-05-18 00:00:00
ibm
ibm
thn
thn
Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks
2018-05-15 20:31:00
saint
saint
Red Hat DHCP client NetworkManager integration script command injection
2018-05-18 00:00:00
Red Hat DHCP client NetworkManager integration script command injection
2018-05-18 00:00:00
Red Hat DHCP client NetworkManager integration script command injection
2018-05-18 00:00:00
seebug
seebug
DHCP Client Script Code Execution Vulnerability(CVE-2018-1111)
2018-05-16 00:00:00
exploitpack
exploitpack
DynoRoot DHCP Client - Command Injection
2018-05-18 00:00:00
exploitdb
exploitdb
DHCP Client - Command Injection 'DynoRoot' (Metasploit)
2018-06-13 00:00:00
DynoRoot DHCP Client - Command Injection
2018-05-18 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0521
2023-01-30 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0223
2020-03-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0223
2020-04-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2245
2023-10-17 12:03:14
trendmicroblog
trendmicroblog
7.5 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
Related for ELSA-2019-2060