漏洞信息详情
ISC DHCP服务器主机定义远程拒绝服务漏洞
- CNNVD编号:CNNVD-200907-278
- 危害等级: 中危
- CVE编号: CVE-2009-1892
- 漏洞类型: 配置错误
- 发布时间: 2009-07-17
- 威胁类型: 远程
- 更新时间: 2009-09-02
- 厂 商: isc
- 漏洞来源: Christoph Biedl
漏洞简介
动态主机配置协议(DHCP)允许IP网络上的各个设备获得各自的网络配置信息,包括IP地址、子网掩码和广播地址 。
ISC DHCP服务器没有正确地处理DHCP请求。如果主机定义中同时使用了dhcp-client-identifier和hardware ethernet设置,远程攻击者就可以通过提交恶意的DHCP请求导致服务器停止响应 。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Debian Linux 5.0 ia-64
Debian dhcp-client_3.1.1-6+lenny3_all.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1 -6+lenny3_all.deb
Debian dhcp3-client-udeb_3.1.1-6+lenny2_ia64.udeb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_ia64.udeb
Debian dhcp3-client-udeb_3.1.1-6+lenny3_ia64.udeb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny3_ia64.udeb
Debian dhcp3-client_3.1.1-6+lenny2_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_ia64.deb
Debian dhcp3-client_3.1.1-6+lenny3_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny3_ia64.deb
Debian dhcp3-common_3.1.1-6+lenny2_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_ia64.deb
Debian dhcp3-common_3.1.1-6+lenny3_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny3_ia64.deb
Debian dhcp3-dev_3.1.1-6+lenny2_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_ia64.deb
Debian dhcp3-dev_3.1.1-6+lenny3_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny3_ia64.deb
Debian dhcp3-relay_3.1.1-6+lenny2_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_ia64.deb
Debian dhcp3-relay_3.1.1-6+lenny3_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny3_ia64.deb
Debian dhcp3-server-ldap_3.1.1-6+lenny2_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_ia64.deb
Debian dhcp3-server-ldap_3.1.1-6+lenny3_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny3_ia64.deb
Debian dhcp3-server_3.1.1-6+lenny2_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny2_ia64.deb
Debian dhcp3-server_3.1.1-6+lenny3_ia64.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server_3.1. 1-6+lenny3_ia64.deb
Debian Linux 5.0 alpha
Debian dhcp-client_3.1.1-6+lenny3_all.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp-client_3.1.1 -6+lenny3_all.deb
Debian dhcp3-client-udeb_3.1.1-6+lenny2_alpha.udeb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny2_alpha.udeb
Debian dhcp3-client-udeb_3.1.1-6+lenny3_alpha.udeb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client-udeb _3.1.1-6+lenny3_alpha.udeb
Debian dhcp3-client_3.1.1-6+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny2_alpha.deb
Debian dhcp3-client_3.1.1-6+lenny3_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-client_3.1. 1-6+lenny3_alpha.deb
Debian dhcp3-common_3.1.1-6+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny2_alpha.deb
Debian dhcp3-common_3.1.1-6+lenny3_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-common_3.1. 1-6+lenny3_alpha.deb
Debian dhcp3-dev_3.1.1-6+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny2_alpha.deb
Debian dhcp3-dev_3.1.1-6+lenny3_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-dev_3.1.1-6 +lenny3_alpha.deb
Debian dhcp3-relay_3.1.1-6+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny2_alpha.deb
Debian dhcp3-relay_3.1.1-6+lenny3_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-relay_3.1.1 -6+lenny3_alpha.deb
Debian dhcp3-server-ldap_3.1.1-6+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny2_alpha.deb
Debian dhcp3-server-ldap_3.1.1-6+lenny3_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-server-ldap _3.1.1-6+lenny3_alpha.deb
Debian dhcp3-server_3.1.1-6+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/d/dhcp3/dhcp3-s
参考网址
来源: BID
名称: 35669
链接:http://www.securityfocus.com/bid/35669
来源: DEBIAN
名称: DSA-1833
链接:http://www.debian.org/security/2009/dsa-1833
来源: FEDORA
名称: FEDORA-2009-8344
链接:https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01177.HTML
来源: XF
名称: dhcp-dhcp-dos(51717)
链接:http://xforce.iss.net/xforce/xfdb/51717
来源: MANDRIVA
名称: MDVSA-2009:154
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:154
来源: SECUNIA
名称: 36457
链接:http://secunia.com/advisories/36457
来源: SECUNIA
名称: 35851
链接:http://secunia.com/advisories/35851
来源: SECUNIA
名称: 35830
链接:http://secunia.com/advisories/35830
受影响实体
- Isc Dhcp:3.0.4_b3
- Isc Dhcp:3.0.4_b2
- Isc Dhcp:3.0.4_b1
- Isc Dhcp:3.0.4
- Isc Dhcp:3.1.1
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论