3 matches found
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendorspecific DHCP opcode. The...
SUSE SLED15 / SLES15 Security Update : wicked (SUSE-SU-2020:0347-1)
This update for wicked fixes the following issues : CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IAPD option bsc1160904. CVE-2020-7217: Fixed a memory leak in DHCP4 fsm when processing packets for other client ids bsc1160906. Note that Tenable Network Security has extracted...
DEBIAN-CVE-2019-5747
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...