Pardus alert 2011-36 (dhcp)
| From: | Meltem <meltem@pardus.org.tr> | |
| To: | pardus-security@pardus.org.tr | |
| Subject: | [Pardus-security] [PLSA 2011-36] DHCP: Denial of Service | |
| Date: | Mon, 14 Feb 2011 10:13:22 +0200 | |
| Message-ID: | <201102141013.22968.meltem@pardus.org.tr> |
------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-36 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2011-02-14 Severity: 3 Type: Remote ------------------------------------------------------------------------ Summary ======= A vulnerability has been fixed indhcp, which can be exploited by malicious users to cause a DoS (Denial of Service). Description =========== CVE-2011-0413: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. Affected packages: Pardus 2009: dhcp, all before 4.2.1_beta1-25-8 Resolution ========== There are update(s) for dhcp. You can update them via Package Manager or with a single command from console: pisi up dhcp References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=16697 * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-... ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list Pardus-Security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security