
229 matches found

Positive Technologies
added 2024/11/22 12:0 a.m. · 2 views

PT-2024-35453 · Riot · Riot

Name of the Vulnerable Software and Affected Versions: RIOT versions 2024.04 and prior
Description: The issue is related to the parse advertise function, located in /sys/net/application_layer/dhcpv6/client.c, which lacks a minimum header length check for dhcpv6_opt_t after processing dhcpv6_msg_t...

7.5 CVSS · 6.9 AI score · 0.00714 EPSS
Exploits: 1 · References: 4
Microsoft CVE
added 2024/07/12 7:0 a.m. · 1 views

DHCP memory leak

...

6.5 CVSS · 6.8 AI score · 0.00625 EPSS
Exploits: 0
OSV
added 2024/06/14 1:59 p.m. · 61 views

RLSA-2024:3271 Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The Dynamic Hos...

7.5 CVSS · 8.3 AI score · 0.99995 EPSS
Exploits: 1 · References: 4
Tenable Nessus
added 2024/06/10 12:0 a.m. · 78 views

RHEL 7 : bind, bind-dyndb-ldap, and dhcp (RHSA-2024:3741)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3741 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named...

7.5 CVSS · 7 AI score · 0.99995 EPSS
Exploits: 1 · References: 8
AlmaLinux
added 2024/05/22 12:0 a.m. · 47 views

Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The Dynamic Hos...

7.5 CVSS · 6.8 AI score · 0.99995 EPSS
Exploits: 1 · References: 8
RedHat Linux
added 2024/05/16 5:40 p.m. · 58 views

Important: Red Hat Security Advisory: bind and dhcp security update

An update for bind is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

7.5 CVSS · 7 AI score · 0.99995 EPSS
Exploits: 1 · References: 4
BDU FSTEC
added 2024/05/13 12:0 a.m. · 3 views

The vulnerability of the DHCP protocol lies in the lack of authentication for the critical function, allowing attackers to manipulate routes to redirect VPN traffic.

The vulnerability of the DHCP protocol lies in the lack of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to remotely manipulate routing mechanisms, thereby redirecting VPN traffic...

7.5 CVSS · 6.8 AI score · 0.04063 EPSS
Exploits: 1 · References: 15 · Affected Software: 1
BDU FSTEC
added 2024/04/18 12:0 a.m. · 2 views

The vulnerability of the NETCONF protocol implementation in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NETCONF protocol implementation in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5 CVSS · 5.5 AI score · 0.00152 EPSS
Exploits: 0 · References: 2 · Affected Software: 2
Positive Technologies
added 2024/04/09 12:0 a.m. · 1 views

PT-2024-3299 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified
Description: The issue is related to a buffer overflow in memory in the DHCP Server Service of Windows operating systems. This can allow a remote attacker to execute arbitrary code. The vulnerability...

9 CVSS · 9.4 AI score · 0.02217 EPSS
Exploits: 0 · References: 7
BDU FSTEC
added 2024/04/03 12:0 a.m. · 1 views

The vulnerability of the NETCONF or RESTCONF protocol implementations for the Data Model Interface (DMI) of Cisco IOS XE operating systems allows attackers to circumvent security restrictions and gain unauthorized access to resources.

The vulnerability of the NETCONF or RESTCONF protocols for the Data Model Interface (DMI) service of Cisco IOS XE lies in the lack of error-handling mechanisms when the order of entries in the access control list is changed after an update. Exploiting this vulnerability allows a malicious actor to...

5.8 CVSS · 5.4 AI score · 0.00451 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
CNVD
added 2024/03/27 12:0 a.m. · 3 views

Discovery and Basic Configuration Protocol Access Control Error Vulnerability

Discovery and Basic Configuration Protocol is a discovery and basic configuration protocol used by engineering tools and controllers to discover devices, identify device information, and configure device settings such as PROFINET device names, IP addresses, and so on in a PROFINET network. An...

7 AI score
Exploits: 0 · References: 1
RedHat Linux
added 2024/03/04 2:3 a.m. · 1 views

edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message

A security weakness was identified in EDK2, the open-source reference implementation of the UEFI specification, revealing a buffer overflow vulnerability. This vulnerability enables an unauthorized attacker within proximity on the network to transmit a specifically crafted DHCPv6 Advertise messag...

8.8 CVSS · 6.4 AI score · 0.01196 EPSS
Exploits: 1 · References: 6
BDU FSTEC
added 2024/01/24 12:0 a.m. · 2 views

The vulnerability of the DHCPv6 Advertise Message Handler component in the Tianocore EDK2 library allows an attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the DHCPv6 Advertise Message Handler component in the Tianocore EDK2 library is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...

8.3 CVSS · 7.4 AI score · 0.01196 EPSS
Exploits: 1 · References: 9 · Affected Software: 3
OSV
added 2024/01/16 4:15 p.m. · 3 views

AZL-39451 CVE-2023-45234 affecting package hvloader for versions less than 1.0.1-9

EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or...

8.8 CVSS · 7 AI score · 0.01196 EPSS
Exploits: 1 · References: 1
OSV
added 2024/01/16 4:15 p.m. · 1 views

AZL-39319 CVE-2023-45235 affecting package hvloader for versions less than 1.0.1-9

EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or...

8.8 CVSS · 7.2 AI score · 0.01223 EPSS
Exploits: 1 · References: 1
Positive Technologies
added 2024/01/10 12:0 a.m. · 3 views

PT-2024-1116 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 22.2R2-S2, 22.2R3 Juniper Networks Junos OS versions prior to 22.3R2, 22.3R3 Juniper Networks Junos OS Evolved versions prior to 22.2R2-S2-EVO, 22.2R3-EVO Juniper Networks Junos OS Evolved versions...

7.8 CVSS · 7.5 AI score · 0.00695 EPSS
Exploits: 0 · References: 5
ATTACKERKB
added 2023/12/12 6:15 p.m. · 2 views

CVE-2023-35638

DHCP Server Service Denial of Service Vulnerability...

7.5 CVSS · 7.4 AI score · 0.03262 EPSS
Exploits: 0 · References: 2 · Affected Software: 10
OpenVAS
added 2023/11/28 12:0 a.m. · 6 views

Dynamic Host Configuration Protocol (DHCP) Detection

UDP based detection via DHCPINFORM message of services supporting the Dynamic Host Configuration Protocol (DHCP). SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

7.3 AI score
Exploits: 0 · References: 1
OSV
added 2023/10/13 12:15 a.m. · 2 views

CVE-2023-44184

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU...

6.5 CVSS · 5.8 AI score
Exploits: 0 · References: 1
CNNVD
added 2023/10/12 12:0 a.m. · 1 views

Juniper Networks Junos OS and Junos OS Evolved Buffer Error Vulnerability

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc. Juniper Networks Junos OS is a network operating system designed for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK...

6.5 CVSS · 7.2 AI score · 0.00502 EPSS
Exploits: 0 · References: 4