Vulnerability CVE-2012-6698


Published: 2016-04-11

Description:
The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

Vendor: Debian
Product: Debian linux 
Version: 7.0;
Vendor: Dhcpcd project
Product: Dhcpcd 
Version:
3.2.3
3.2.2
3.2.1
3.2.0
3.1.9

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
https://launchpadlibrarian.net/228152582/dhcp.c.patch
https://bugs.launchpad.net/ubuntu/+source/dhcpcd/+bug/1517226
http://www.openwall.com/lists/oss-security/2015/12/03/1
http://www.openwall.com/lists/oss-security/2015/12/02/1
http://www.debian.org/security/2016/dsa-3534

Related CVE
CVE-2019-11766
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.
CVE-2019-11579
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
CVE-2019-11578
auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks.
CVE-2019-11577
dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.
CVE-2016-1504
dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.
CVE-2016-1503
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of s...
CVE-2012-6699
The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response.
CVE-2012-6700
The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response.

Copyright 2019, cxsecurity.com

 

Back to Top