TSEC NEWS: 06.05.21 Cron-Job Fehlerhaft nach PHP Update + PWA mobile + Desktop / 04.05.21 - Android App von TSECURITY 28.04.21 - NEUER SERVER // 26.04.21 ++ Download the Electron-App für tsecurity.de // Über 550 Feed-Quellen


❈ USN-2868-1: DHCP vulnerability

Unix Server ubuntu.com

Ubuntu Security Notice USN-2868-1

13th January, 2016

isc-dhcp vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.10
  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

DHCP server, client, or relay could be made to crash if they received specially crafted network traffic.

Software description

  • isc-dhcp - DHCP server and client

Details

Sebastian Poehn discovered that the DHCP server, client, and relay
incorrectly handled certain malformed UDP packets. A remote attacker could
use this issue to cause the DHCP server, client, or relay to stop
responding, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10:
isc-dhcp-server 4.3.1-5ubuntu3.1
isc-dhcp-relay 4.3.1-5ubuntu3.1
isc-dhcp-client 4.3.1-5ubuntu3.1
isc-dhcp-server-ldap 4.3.1-5ubuntu3.1
Ubuntu 15.04:
isc-dhcp-server 4.3.1-5ubuntu2.3
isc-dhcp-relay 4.3.1-5ubuntu2.3
isc-dhcp-client 4.3.1-5ubuntu2.3
isc-dhcp-server-ldap 4.3.1-5ubuntu2.3
Ubuntu 14.04 LTS:
isc-dhcp-server 4.2.4-7ubuntu12.4
isc-dhcp-relay 4.2.4-7ubuntu12.4
isc-dhcp-client 4.2.4-7ubuntu12.4
isc-dhcp-server-ldap 4.2.4-7ubuntu12.4
Ubuntu 12.04 LTS:
isc-dhcp-server 4.1.ESV-R4-0ubuntu5.10
isc-dhcp-relay 4.1.ESV-R4-0ubuntu5.10
isc-dhcp-client 4.1.ESV-R4-0ubuntu5.10
isc-dhcp-server-ldap 4.1.ESV-R4-0ubuntu5.10

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-8605

...


Kompletten Artikel lesen (externe Quelle: http://www.ubuntu.com/usn/usn-2868-1/)

Zur Startseite

Kommentiere zu USN-2868-1: DHCP vulnerability






➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

USN-2868-1: DHCP vulnerability

vom 637.45 Punkte
Ubuntu Security Notice USN-2868-1 13th January, 2016 isc-dhcp vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary DHCP server, c

USN-2868-1: DHCP vulnerability

vom 637.45 Punkte
Ubuntu Security Notice USN-2868-1 13th January, 2016 isc-dhcp vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary DHCP server, c

USN-3586-1: DHCP vulnerabilities

vom 502.43 Punkte
Ubuntu Security Notice USN-3586-1 1st March, 2018 isc-dhcp vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixe

CVE-2020-3947: Use-After-Free Vulnerability in the VMware Workstation DHCP Component

vom 181.33 Punkte
Ever since introducing the virtualization category at Pwn2Own in 2016, guest-to-host escapes have been a highlight of the contest. This year’s event was no exception. Other guest-to-host escapes have also come through the ZDI program throughout the year. I

The July 2021 Security Update Review

vom 163.29 Punkte
The second Tuesday of the month is here, and it brings with it the latest security patches from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch

CVE-2019-0726: An RCE Vulnerability in the Windows 10 DHCP Client

vom 161.16 Punkte
In January of this year, Microsoft released a patch to correct a flaw in the DHCP Client service in Windows. An attacker could potentially get their code running on an affected system just by sending a specially crafted DHCP response. The root cause

The August 2019 Security Update Review

vom 160.89 Punkte
August is here and it brings with it the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.   Adobe Patches for August 2019 Adobe relea

Trane ComfortLink II 2.0.2 DSS Service REG Request Stack-Based Pufferüberlauf

vom 149.82 Punkte
Es wurde eine Schwachstelle in Trane ComfortLink II 2.0.2 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um eine unbekannte Funktion der Komponente DSS Service. Dank Manipulation durch REG Request kann eine Pufferüberlauf-Schwachstelle (Stack-Based) ausgen

Trane ComfortLink II 2.0.2 DSS Service REG Request Stack-Based Pufferüberlauf

vom 149.82 Punkte
Es wurde eine Schwachstelle in Trane ComfortLink II 2.0.2 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um eine unbekannte Funktion der Komponente DSS Service. Dank Manipulation durch REG Request kann eine Pufferüberlauf-Schwachstelle (Stack-Based) ausgen

The January 2021 Security Update Review

vom 127.57 Punkte
Welcome to the new year, and welcome to the first Patch Tuesday of 2021. Take a break from your regularly scheduled activities and join us as we review the details for the latest security offerings from Microsoft and Adobe. Adobe Patches for January 2021This month,

The May 2019 Security Update Review

vom 117.87 Punkte
May is here and so are the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.   Adobe Patches for May 2019 This month, Ad

The February 2019 Security Update Review

vom 111.31 Punkte
February is here and with it comes the latest in security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for February 2019