Otklonjen je sigurnosni propust programskog paketa DHCP, distribuiranog s operacijskim sustavom Fedora 18. Udaljeni su ga napadači mogli iskoristiti za izvođenje napada uskraćivanjem usluge (DoS).
Paket:
dhcp 4.x
Operacijski sustavi:
Fedora 18
Kritičnost:
5.3
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2012-3955
Izvorni ID preporuke:
FEDORA-2012-13910
Izvor:
Fedora
Problem:
Ranjivost se pojavljuje kod rezervacije IPv6 adresa u okruženju gdje se istek vremena rezervacije naknadno smanjuje.
Posljedica:
Napadačima omogućuje izvođenje DoS napada.
Rješenje:
Korisnicima se preporuča korištenje najnovije inačice u kojoj je propust otklonjen.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-13910
2012-09-13 16:40:58
--------------------------------------------------------------------------------
Name : dhcp
Product : Fedora 18
Version : 4.2.4
Release : 15.P2.fc18
URL : http://isc.org/products/DHCP/
Summary : Dynamic host configuration protocol software
Description :
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network.
To use DHCP on your network, install a DHCP service (or relay agent),
and on clients run a DHCP client daemon. The dhcp package provides
the ISC DHCP service and relay agent.
--------------------------------------------------------------------------------
Update Information:
This is security bugfix release fixing a security vulnerability.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #856766 - CVE-2012-3955 dhcp: reduced expiration time of an IPv6
lease may cause dhcpd to crash
https://bugzilla.redhat.com/show_bug.cgi?id=856766
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dhcp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke