14 matches found
SUSE: Security Advisory (SUSE-SU-2026:20989-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2026:20452-1 Security update for kea
This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message bsc1260380. Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...
SUSE-SU-2026:20989-1 Security update for kea
This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message bsc1260380. Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...
AlmaLinux 10 : kea (ALSA-2025:21038)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21038 advisory. kea: Invalid characters cause assert CVE-2025-11232 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note tha...
Oracle Linux 10 : kea (ELSA-2025-21006)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21006 advisory. - Fixes CVE-2025-11232 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...
RLSA-2025:21038 Important: kea security update
DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers suppor...
RHEL 10 : kea (RHSA-2025:21038)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21038 advisory. DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers...
ALSA-2025:21038 Important: kea security update
DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers suppor...
Fedora: Security Advisory (FEDORA-2025-e121742c9d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : kea (2025-e121742c9d)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e121742c9d advisory. - New version 3.0.2 rhbz2407048 - Fixes CVE-2025-11232 rhbz2407228 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 43 : kea (2025-a7cea1535d)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-a7cea1535d advisory. - New version 3.0.2 rhbz2407048 - Fixes CVE-2025-11232 rhbz2407229 Tenable has extracted the preceding description block directly from the Fedora security...
FreeBSD : ISC KEA -- Invalid characters cause assert (55c4e822-b4e4-11f0-8438-001b217e4ee5)
"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 55c4e822-b4e4-11f0-8438-001b217e4ee5 advisory. Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must...
Linux Distros Unpatched Vulnerability : CVE-2025-11232
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To trigger the issue, three configuration parameters must have specific settings: hostname-char-set must be left at the default setting, which is ^A-Za-z0-9.-;...
CVE-2025-11232
Kea DHCP (ISC) vulnerability CVE-2025-11232 affects Kea 3.0.1 and 3.1.1–3.1.2. The root cause is an assertion triggered by three specific default config values: hostname-char-set uses the default [^A-Za-z0-9.-], hostname-char-replacement is empty, and ddns-qualifying-suffix is non-empty. When a c...