Podatność CVE-2007-5365


Publikacja: 2007-10-11   Modyfikacja: 2012-02-12

Opis:
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Producent: SUN
Produkt: Opensolaris 
Wersje:
snv_99
snv_98
snv_97
snv_96
snv_95
snv_94
snv_93
snv_92
snv_91
snv_90
snv_89
snv_88
snv_87
snv_86
snv_85
snv_84
snv_83
snv_82
snv_81
snv_80
snv_79
snv_78
snv_77
snv_76
snv_75
snv_74
snv_73
snv_72
snv_71
snv_70
snv_69
snv_68
snv_67
snv_66
snv_65
snv_64
snv_63
snv_62
snv_61
snv_60
snv_59
snv_58
snv_57
snv_56
snv_55
snv_54
snv_53
snv_52
snv_51
snv_50
snv_49
snv_48
snv_47
snv_46
snv_45
snv_44
snv_43
snv_42
snv_41
snv_40
snv_39
snv_38
snv_37
snv_36
snv_35
snv_34
snv_33
snv_32
snv_31
snv_30
snv_29
snv_28
snv_27
snv_26
snv_25
snv_24
snv_23
snv_22
snv_21
snv_20
snv_19
snv_18
snv_17
snv_16
snv_15
snv_14
snv_13
snv_12
snv_11
snv_102
snv_101
snv_100
snv_10
snv_09
snv_08
snv_07
snv_06
snv_05
snv_04
snv_03
Zobacz więcej wersji na NVD

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
7.2/10
10/10
3.9/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Lokalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny

 Referencje:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354
http://securitytracker.com/id?1021157
http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1
http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962
http://www.debian.org/security/2007/dsa-1388
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c
http://www.openbsd.org/errata40.html#016_dhcpd
http://www.openbsd.org/errata41.html#010_dhcpd
http://www.openbsd.org/errata42.html#001_dhcpd
http://www.redhat.com/support/errata/RHSA-2007-0970.html
http://www.securityfocus.com/archive/1/482085/100/100/threaded
http://www.securityfocus.com/archive/1/483230/100/100/threaded
http://www.securityfocus.com/bid/25984
http://www.securityfocus.com/bid/32213
http://www.securitytracker.com/id?1018794
http://www.ubuntu.com/usn/usn-531-1
http://www.ubuntu.com/usn/usn-531-2
http://www.vupen.com/english/advisories/2008/3088
https://exchange.xforce.ibmcloud.com/vulnerabilities/37045
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817
https://www.exploit-db.com/exploits/4601

Podobne CVE
CVE-2011-2177
OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools.
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial ...
CVE-2015-0430
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
CVE-2015-0429
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
CVE-2015-0428
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
CVE-2015-0397
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.
CVE-2015-0378
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc.
CVE-2015-0375
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.

Copyright 2019, cxsecurity.com

 

Back to Top