Vulnerability CVE-2019-11578


Published: 2019-04-28

Description:
auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks.

Type:

CWE-310

(Cryptographic Issues)

Vendor: Dhcpcd project
Product: Dhcpcd 
Version:
6.9.4
6.4.3
6.4.2
6.4.1
6.4.0
6.3.2
6.3.1
6.3.0
6.2.1
6.2.0
6.1.0
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.99.7
5.99.6
5.99.5
5.99.4
5.99.3
5.99.2
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.5.6
5.5.5
5.5.4
5.5.3
5.5.2
5.5.1
5.5.0
5.2.9
5.2.8
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.12
5.2.11
5.2.10
5.2.1
5.2.0
5.1.5
5.1.4
5.1.3
5.1.2
5.1.1
5.1.0
5.0.9
5.0.8
5.0.7
5.0.6
5.0.4
5.0.3
5.0.1
5.0.0
4.0.7
4.0.6
4.0.5
4.0.4
4.0.3
4.0.2
4.0.15
4.0.14
4.0.13
4.0.12
4.0.11
4.0.10
4.0.1
4.0.0

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www.securityfocus.com/bid/108090
https://roy.marples.name/archives/dhcpcd-discuss/0002415.html
https://roy.marples.name/git/dhcpcd.git/commit/?id=7121040790b611ca3fbc400a1bbcd4364ef57233
https://roy.marples.name/git/dhcpcd.git/commit/?id=aee631aadeef4283c8a749c1caf77823304acf5e
https://roy.marples.name/git/dhcpcd.git/commit/?id=cfde89ab66cb4e5957b1c4b68ad6a9449e2784da

Related CVE
CVE-2019-11766
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.
CVE-2019-11579
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
CVE-2019-11577
dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.
CVE-2016-1504
dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.
CVE-2016-1503
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of s...
CVE-2012-6699
The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response.
CVE-2012-6700
The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response.
CVE-2012-6698
The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

Copyright 2019, cxsecurity.com

 

Back to Top