Gregory Duchemin

**Name of the Vulnerable Software and Affected Versions** Sourcefire Defense Center (DC) and 3D Sensor versions prior to 4.8.2 **Description** The issue allows remote authenticated users to gain privileges. This is achieved by setting the `admin` parameter to a specific `$admin` value in an edit action to the `/admin/user/user.cgi` API endpoint and possibly other components. **Recommendations** For versions prior to 4.8.2, update to version 4.8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/admin/user/user.cgi` API endpoint and other potentially vulnerable components to minimize the risk of exploitation. Avoid using the `admin` parameter in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** D-Link AirPlus DI-614+ versions 2.30 and earlier **Description** The issue is caused by an integer signedness error that allows remote attackers to cause a denial of service, specifically IP lease depletion, via a DHCP request. This request has the LEASETIME option set to -1, making the DHCP lease valid for thirteen or more years. **Recommendations** For D-Link AirPlus DI-614+ versions 2.30 and earlier, update to a version later than 2.30 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Infoblox DNS One versions 2.4.0-8 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to execute arbitrary scripts as other users. This is achieved via the `CLIENTID` or `HOSTNAME` option of a DHCP request. **Recommendations** For Infoblox DNS One versions 2.4.0-8 and earlier, update to a version later than 2.4.0-8 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ISC DHCP versions 3.0.1rc12 through 3.0.1rc13 **Description** The issue is related to a buffer overflow in the logging capability for the DHCP daemon. This can be triggered by remote attackers sending multiple hostname options in various DHCP messages, such as DISCOVER, OFFER, REQUEST, ACK, or NAK messages. The vulnerability can cause a denial of service, resulting in a server crash, and potentially allow the execution of arbitrary code when a long string is generated while writing to a log file. **Recommendations** For ISC DHCP versions 3.0.1rc12 and 3.0.1rc13, consider disabling the logging capability for the DHCP daemon until a patch is available. Restrict access to the DHCP daemon to minimize the risk of exploitation. Avoid using the hostname options in DHCP messages until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ISC DHCP versions 3.0.1rc12 through 3.0.1rc13 **Description** The issue arises when the DHCP daemon (DHCPD) for ISC DHCP is compiled in environments lacking the vsnprintf function, leading to the use of C include files that define vsnprintf to use the less safe vsprintf function. This can result in buffer overflow vulnerabilities, enabling a denial of service (server crash) and possibly allowing the execution of arbitrary code. **Recommendations** For versions 3.0.1rc12 and 3.0.1rc13, consider compiling the DHCP daemon in an environment that provides the vsnprintf function to mitigate the risk of buffer overflow vulnerabilities. As a temporary workaround, restrict access to the DHCP service to minimize the risk of exploitation.