276 matches found
[SECURITY] Fedora 42 Update: kea-3.0.2-1.fc42
DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers suppor...
Fedora 42 : kea (2025-e121742c9d)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e121742c9d advisory. - New version 3.0.2 rhbz2407048 - Fixes CVE-2025-11232 rhbz2407228 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora: Security Advisory (FEDORA-2025-a7cea1535d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 43 Update: kea-3.0.2-1.fc43
DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers suppor...
Fedora 43 : kea (2025-a7cea1535d)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-a7cea1535d advisory. - New version 3.0.2 rhbz2407048 - Fixes CVE-2025-11232 rhbz2407229 Tenable has extracted the preceding description block directly from the Fedora security...
kea-3.0.2-1.1 on GA media (moderate)
kea-3.0.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:15677-1 Rating: moderate Cross-References: CVE-2025-11232 CVSS scores: CVE-2025-11232 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-11232 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...
SUSE CVE-2025-11232
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
Linux Distros Unpatched Vulnerability : CVE-2025-11232
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To trigger the issue, three configuration parameters must have specific settings: hostname-char-set must be left at the default setting, which is ^A-Za-z0-9.-;...
FreeBSD : ISC KEA -- Invalid characters cause assert (55c4e822-b4e4-11f0-8438-001b217e4ee5)
"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 55c4e822-b4e4-11f0-8438-001b217e4ee5 advisory. Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must...
CVE-2025-11232
A flaw was found in Kea. A remote attacker can send specific option content to the kea-dhcp4 server. When the server is configured with specific parameters, an assertion failure can be triggered and cause the kea-dhcp4 process to exit unexpectedly, resulting in a denial of service. Mitigation Set...
EUVD-2025-36693
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
CVE-2025-11232
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
UBUNTU-CVE-2025-11232
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
CVE-2025-11232 Invalid characters cause assert
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
CVE-2025-11232 Invalid characters cause assert
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
CVE-2025-11232
Kea DHCP (ISC) vulnerability CVE-2025-11232 affects Kea 3.0.1 and 3.1.1–3.1.2. The root cause is an assertion triggered by three specific default config values: hostname-char-set uses the default [^A-Za-z0-9.-], hostname-char-replacement is empty, and ddns-qualifying-suffix is non-empty. When a c...
CVE-2025-11232
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...
PT-2025-44333
Name of the Vulnerable Software and Affected Versions Kea versions 3.0.1 through 3.0.1 Kea versions 3.1.1 through 3.1.2 Description The software can exit unexpectedly when receiving certain option content from a client if three configuration parameters are set to specific values. Specifically, th...
ISC Kea 安全漏洞
ISC Kea is a modern open source DHCPv4 and DHCPv6 server from the ISC organization. A security vulnerability exists in ISC Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2, which stems from an improper setting of specific configuration parameters that could cause kea-dhcp4 to exit...
OPENSUSE-SU-2025:15677-1 kea-3.0.2-1.1 on GA media
These are all security issues fixed in the kea-3.0.2-1.1 package on the GA media of openSUSE Tumbleweed...