PT-2016-3470 · Roy Marples · Dhcpcd

Guido Vranken

+1

·

Publicado

2015-12-07

·

Atualizado

2016-04-13

·

CVE-2012-6700

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions dhcpcd versions 3.x
Description The issue is related to the decode search function in dhcp.c, which does not properly free allocated memory. This allows remote DHCP servers to cause a denial of service via a crafted response.
Recommendations For dhcpcd versions 3.x, consider updating to a version where the decode search function properly handles memory allocation to prevent denial of service attacks.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2012-6700
DLA-362-1
DSA-3534-1
SUSE-SU-2015:2174-1

Produtos afetados

Dhcpcd