Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-506-1
HistoryJun 06, 2016 - 12:00 a.m.

dhcpcd5 - security update

2016-06-0600:00:00
Google
osv.dev
7

0.012 Low

EPSS

Percentile

85.4%

JSON

Two vulnerabilities were discovered in dhcpcd5 a DHCP client package.
A remote (on a local network) attacker can possibly execute arbitrary
code or cause a denial of service attack by crafted messages.

  • CVE-2014-7912
    The get_option function does not validate the relationship between
    length fields and the amount of data, which allows remote DHCP
    servers to execute arbitrary code or cause a denial of service
    (memory corruption) via a large length value of an option in a
    DHCPACK message.
  • CVE-2014-7913
    The print_option function misinterprets the return value of the
    snprintf function, which allows remote DHCP servers to execute
    arbitrary code or cause a denial of service (memory corruption)
    via a crafted message.

For Debian 7 Wheezy, these problems have been fixed in version
5.5.6-1+deb7u2.

We recommend that you upgrade your dhcpcd5 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: <https://wiki.debian.org/LTS&gt;

CPENameOperatorVersion
dhcpcd5eq5.5.6-1
dhcpcd5eq5.5.6-1+deb7u1

Related

nessus 5
debian 1
openvas 2
android 1
prion 2
cve 2
cvelist 2
freebsd 2
ubuntucve 2
debiancve 2
zdi 1
nvd 2
altlinux 1
mageia 1
nessus
nessus
Debian DLA-506-1 : dhcpcd5 security update
2016-06-07 00:00:00
FreeBSD : dhcpcd -- remote code execution/denial of service (092156c9-04d7-11e6-b1ce-002590263bf5)
2016-04-18 00:00:00
FreeBSD : dhcpcd -- remote code execution/denial of service (6ec9f210-0404-11e6-9aee-bc5ff4fb5ea1)
2016-04-18 00:00:00
debian
debian
[SECURITY] [DLA 506-1] dhcpcd5 security update
2016-06-06 21:38:06
openvas
openvas
Debian: Security Advisory (DLA-506-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2016-0190)
2022-01-28 00:00:00
android
android
dhcpd buffer overrun
2015-03-12 00:00:00
prion
prion
Memory corruption
2015-07-30 00:59:00
Memory corruption
2015-07-30 00:59:00
cve
cve
CVE-2014-7912
2015-07-30 00:59:00
CVE-2014-7913
2015-07-30 00:59:01
cvelist
cvelist
CVE-2014-7912
2015-07-30 00:00:00
CVE-2014-7913
2015-07-30 00:00:00
freebsd
freebsd
dhcpcd -- remote code execution/denial of service
2015-06-19 00:00:00
dhcpcd -- remote code execution/denial of service
2016-01-22 00:00:00
ubuntucve
ubuntucve
CVE-2014-7912
2015-07-30 00:00:00
CVE-2014-7913
2015-07-30 00:00:00
debiancve
debiancve
CVE-2014-7912
2015-07-30 00:59:00
CVE-2014-7913
2015-07-30 00:59:01
zdi
zdi
(Mobile Pwn2Own) Google Android DHCP Parsing Remote Code Execution Vulnerability
2015-03-12 00:00:00
nvd
nvd
CVE-2014-7912
2015-07-30 00:59:00
CVE-2014-7913
2015-07-30 00:59:01
altlinux
altlinux
Security fix for the ALT Linux 8 package dhcpcd version 1:6.10.1-alt1
2016-01-25 00:00:00
mageia
mageia
Updated dhcpcd packages fix security vulnerability
2016-05-20 14:38:30

0.012 Low

EPSS

Percentile

85.4%

JSON
Related for OSV:DLA-506-1
nessus5debian1openvas2android1prion2cve2cvelist2freebsd2ubuntucve2debiancve2zdi1nvd2altlinux1mageia1