167 lines
7.1 KiB
JSON
167 lines
7.1 KiB
JSON
{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:20181300",
|
||
"Version": "oval:org.altlinux.errata:def:20181300",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2018-1300: package `dhcp` update to version 4.3.6.P1-alt1",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch c9f2"
|
||
],
|
||
"Products": [
|
||
"ALT SPWorkstation",
|
||
"ALT SPServer"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2018-1300",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-1300",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2018-00356",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2018-00356",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2018-00357",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2018-00357",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-3144",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-3144",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2018-5732",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-5732",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2018-5733",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-5733",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades dhcp to version 4.3.6.P1-alt1. \nSecurity Fix(es):\n\n * BDU:2018-00356: Уязвимость сервера ISC DHCP, связанная с переполнением буфера памяти, позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к конфиденциальным данным\n\n * BDU:2018-00357: Уязвимость DHCP-сервера dhcpd, вызванная возможностью переполнения 32-разрядного счетчика ссылок и позволяющая вызвать отказ в обслуживании сервера\n\n * CVE-2017-3144: A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.\n\n * CVE-2018-5732: Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -\u003e 4.1-ESV-R15, 4.2.0 -\u003e 4.2.8, 4.3.0 -\u003e 4.3.6, 4.4.0\n\n * CVE-2018-5733: A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -\u003e 4.1-ESV-R15, 4.2.0 -\u003e 4.2.8, 4.3.0 -\u003e 4.3.6, 4.4.0.",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "Critical",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2018-03-01"
|
||
},
|
||
"Updated": {
|
||
"Date": "2018-03-01"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2018-00356",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2018-00356",
|
||
"Impact": "Critical",
|
||
"Public": "20180210"
|
||
},
|
||
{
|
||
"ID": "BDU:2018-00357",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://bdu.fstec.ru/vul/2018-00357",
|
||
"Impact": "High",
|
||
"Public": "20180209"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2017-3144",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-400",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-3144",
|
||
"Impact": "High",
|
||
"Public": "20190116"
|
||
},
|
||
{
|
||
"ID": "CVE-2018-5732",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-5732",
|
||
"Impact": "High",
|
||
"Public": "20191009"
|
||
},
|
||
{
|
||
"ID": "CVE-2018-5733",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-5733",
|
||
"Impact": "High",
|
||
"Public": "20190116"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:spworkstation:8.4",
|
||
"cpe:/o:alt:spserver:8.4"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300001",
|
||
"Comment": "dhcp-client is earlier than 1:4.3.6.P1-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300002",
|
||
"Comment": "dhcp-common is earlier than 1:4.3.6.P1-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300003",
|
||
"Comment": "dhcp-devel is earlier than 1:4.3.6.P1-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300004",
|
||
"Comment": "dhcp-libs is earlier than 1:4.3.6.P1-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300005",
|
||
"Comment": "dhcp-omshell is earlier than 1:4.3.6.P1-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300006",
|
||
"Comment": "dhcp-relay is earlier than 1:4.3.6.P1-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20181300007",
|
||
"Comment": "dhcp-server is earlier than 1:4.3.6.P1-alt1"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |