MiracleLinux 7 : dhcp-4.2.5-58.1.0.1.el7.AXS7 (AXSA:2018-2570:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2570:01 advisory. It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI port...

EUVD-2020-6482

Malware in sbrugna...

Cross site scripting

The OptinMonster WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input validation in the loadpreviews function found in the /OMAPI/Output.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.6.0...

CVE-2021-39325 OptinMonster <= 2.6.0 Reflected Cross-Site Scripting

The OptinMonster WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input validation in the loadpreviews function found in the /OMAPI/Output.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.6.0...

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...

Design/Logic Flaw

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...

CVE-2020-14335

CVE-2020-14335 describes a vulnerability in Red Hat Satellite where a privileged attacker could read OMAPI secrets via the ISC DHCP server used by Smart-Proxy, potentially gaining control of DHCP records on the network. The CVE is listed with a local attack vector and a low to moderate overall ri...

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...

SUSE: Security Advisory (SUSE-SU-2016:1791-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability. Mitigation...

Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2018-1035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2003-1 : isc-dhcp security update

An issue has been found in isc-dhcp, a server for automatic IP address assignment. The number of simultaneous open TCP connections to OMAPI port of the server has to be limited to 200 in order to avoid a denial of service. For Debian 8 'Jessie', this problem has been fixed in version...

[SECURITY] [DLA 2003-1] isc-dhcp security update

Package : isc-dhcp Version : 4.3.1-6+deb8u4 CVE ID : CVE-2016-2774 An issue has been found in isc-dhcp, a server for automatic IP address assignment. The number of simultaneous open TCP connections to OMAPI port of the server has to be limited to 200 in order to avoid a denial of service. For...

NewStart CGSL CORE 5.04 / MAIN 5.04 : dhcp Multiple Vulnerabilities (NS-SA-2019-0021)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dhcp packages installed that are affected by multiple vulnerabilities: - It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI...

EulerOS Virtualization 3.0.1.0 : dhcp (EulerOS-SA-2019-1443)

According to the versions of the dhcp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service applicati...

CVE-2017-3144

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...

CVE-2017-3144

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...

Design/Logic Flaw

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond...

CVE-2017-3144

ISC DHCP vulnerability CVE-2017-3144 arises from failure to properly clean up closed OMAPI connections, which can exhaust the DHCP server’s socket descriptor pool and cause a denial of service. Affected releases include ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, and 4.3.0 to 4.3.6; older vers...