aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorwxs <wxs@FreeBSD.org>2010-11-25 02:27:03 +0800
committerwxs <wxs@FreeBSD.org>2010-11-25 02:27:03 +0800
commitdeecbdd5078f41e6158f41ffdff166527d473630 (patch)
tree31f8c3267531e0346b90f7840d5f2174dcdbdfe4 /security
parent6767b4809724f02bd5d13f50438b17bbb5f0f8f9 (diff)
downloadfreebsd-ports-gnome-deecbdd5078f41e6158f41ffdff166527d473630.tar.gz
freebsd-ports-gnome-deecbdd5078f41e6158f41ffdff166527d473630.tar.zst
freebsd-ports-gnome-deecbdd5078f41e6158f41ffdff166527d473630.zip
Document net/isc-dhcp41-server DHCPv6 DoS. The update to the port is coming
shortly.
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 1916fa71a450..22ef9fb3a6a3 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,36 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="f154a3c7-f7f4-11df-b617-00e0815b8da8">
+ <topic>isc-dhcp-server -- Empty link-address denial of service</topic>
+ <affects>
+ <package>
+ <name>isc-dhcp41-server</name>
+ <range><ge>4.1.0</ge><lt>4.1.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>ISC reports:</p>
+ <blockquote cite="http://www.isc.org/software/dhcp/advisories/cve-2010-3611">
+ <p>If the server receives a DHCPv6 packet containing one or more
+ Relay-Forward messages, and none of them supply an address in the
+ Relay-Forward link-address field, then the server will crash. This
+ can be used as a single packet crash attack vector.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2010-3611</cvename>
+ <url>http://www.isc.org/software/dhcp/advisories/cve-2010-3611</url>
+ <url>http://www.kb.cert.org/vuls/id/102047</url>
+ </references>
+ <dates>
+ <discovery>2010-11-02</discovery>
+ <entry>2010-11-24</entry>
+ </dates>
+ </vuln>
+
<vuln vid="373e412e-f748-11df-96cd-0015f2db7bde">
<topic>OpenTTD -- Denial of service (server/client) via invalid read</topic>
<affects>