ISC DHCP拒绝服务漏洞(CVE-2012-3570)
ISC DHCP拒绝服务漏洞(CVE-2012-3570)
发布日期:2012-07-25
更新日期:2012-07-26
受影响系统:
ISC DHCP Server 4.2.x
ISC DHCP Server 4.1.x
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 54665
CVE(CAN) ID: CVE-2012-3570
ISC DHCP是一种开源的DHCP服务器实现。
ISC DHCP 4.2.4-P1之前的4.2.x版本在实现上存在缓冲区溢出安全漏洞,在启用了DHCPv6模式后,可被恶意用户利用通过特制的客户端标示符参数造成拒绝服务(分段错误和后台程序退出)。
<*来源:Markus Hietava
链接:http://secunia.com/advisories/50018/
https://www.isc.org/software/dhcp/advisories/cve-2012-3571
https://www.isc.org/software/dhcp/advisories/cve-2012-3954
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
ISC
---
ISC已经为此发布了一个安全公告(cve-2012-3571)以及相应补丁:
cve-2012-3571:An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers
链接:https://www.isc.org/software/dhcp/advisories/cve-2012-3571
评论暂时关闭