Rapid7 Vulnerability & Exploit Database

RHSA-2011:0256: dhcp security update


Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 01/31/2011
Created: 07/25/2018
Added: 02/24/2011
Modified: 07/04/2017

Description

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks.

A flaw was found in the way the dhcpd daemon processed certain DHCPv6 messages for addresses that had previously been declined and marked as abandoned internally. If a remote attacker sent such messages to dhcpd, it could cause dhcpd to crash due to an assertion failure if it was running as a DHCPv6 server. (CVE-2011-0413)

Red Hat would like to thank Internet Systems Consortium for reporting this issue.

Users running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically.

Solution(s)

  • redhat-upgrade-dhclient
  • redhat-upgrade-dhcp
  • redhat-upgrade-dhcp-debuginfo
  • redhat-upgrade-dhcp-devel
