SB2012080204 - Resource management error in dhcp (Alpine package)
Published: August 2, 2012
Security Bulletin ID
SB2012080204
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2012-3954)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=8b8541dfa15ac87cbe85af2d038d51bd470afee3
- https://git.alpinelinux.org/aports/commit/?id=9e86eac9ccecbceef248af531bf9773eca4e70b3
- https://git.alpinelinux.org/aports/commit/?id=57e10f486eafd6fb8702fb7fc6786b5f6a585c10
- https://git.alpinelinux.org/aports/commit/?id=1a4dbb396e0c9359ae50d03c6fb8acdb3480df2d