diff options
author | wxs <wxs@FreeBSD.org> | 2010-11-25 02:27:03 +0800 |
---|---|---|
committer | wxs <wxs@FreeBSD.org> | 2010-11-25 02:27:03 +0800 |
commit | deecbdd5078f41e6158f41ffdff166527d473630 (patch) | |
tree | 31f8c3267531e0346b90f7840d5f2174dcdbdfe4 /security | |
parent | 6767b4809724f02bd5d13f50438b17bbb5f0f8f9 (diff) | |
download | freebsd-ports-gnome-deecbdd5078f41e6158f41ffdff166527d473630.tar.gz freebsd-ports-gnome-deecbdd5078f41e6158f41ffdff166527d473630.tar.zst freebsd-ports-gnome-deecbdd5078f41e6158f41ffdff166527d473630.zip |
Document net/isc-dhcp41-server DHCPv6 DoS. The update to the port is coming
shortly.
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 1916fa71a450..22ef9fb3a6a3 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="f154a3c7-f7f4-11df-b617-00e0815b8da8"> + <topic>isc-dhcp-server -- Empty link-address denial of service</topic> + <affects> + <package> + <name>isc-dhcp41-server</name> + <range><ge>4.1.0</ge><lt>4.1.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>ISC reports:</p> + <blockquote cite="http://www.isc.org/software/dhcp/advisories/cve-2010-3611"> + <p>If the server receives a DHCPv6 packet containing one or more + Relay-Forward messages, and none of them supply an address in the + Relay-Forward link-address field, then the server will crash. This + can be used as a single packet crash attack vector.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2010-3611</cvename> + <url>http://www.isc.org/software/dhcp/advisories/cve-2010-3611</url> + <url>http://www.kb.cert.org/vuls/id/102047</url> + </references> + <dates> + <discovery>2010-11-02</discovery> + <entry>2010-11-24</entry> + </dates> + </vuln> + <vuln vid="373e412e-f748-11df-96cd-0015f2db7bde"> <topic>OpenTTD -- Denial of service (server/client) via invalid read</topic> <affects> |