PT-2017-15685 · Isc+5 · Isc Dhcp+5
Publicado
2017-12-21
·
Atualizado
2024-06-15
·
CVE-2017-3144
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
ISC DHCP versions 4.1.0 through 4.1-ESV-R15
ISC DHCP versions 4.2.0 through 4.2.8
ISC DHCP versions 4.3.0 through 4.3.6
Description
A vulnerability exists due to the failure to properly clean up closed OMAPI connections, which can lead to exhaustion of the pool of socket descriptors available to the DHCP server.
Recommendations
For versions 4.1.0 through 4.1-ESV-R15, update to a version outside of this range to resolve the issue.
For versions 4.2.0 through 4.2.8, update to a version outside of this range to resolve the issue.
For versions 4.3.0 through 4.3.6, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting the use of OMAPI connections to minimize the risk of socket descriptor exhaustion.
Correção
Resource Exhaustion
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Centos
Isc Dhcp
Red Hat
Suse
Ubuntu