Univention Bugzilla – Bug 40545
isc-dhcp: Denial of service (4.1)
Last modified: 2016-10-05 12:46:51 CEST
Upstream Debian package version 4.2.2.dfsg.1-5+deb70u8 fixes this issue:
* ISC dhcp allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet (CVE-2015-8605)
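CVE-2015-8605 is a length-field consistency bug: the receiver must not trust the lengths advertised in the IPv4 and UDP headers until they have been checked against the number of bytes actually received. The decoder below is an added illustration of that check written for this page, not dhcpd's own code; all packet bytes are constructed, and the DHCP-style payload is a stub.

```python
import struct

IPPROTO_UDP = 17


def decode_udp_ipv4(buf: bytes):
    """Return (src_port, dst_port, payload) or None if the datagram must be dropped.

    Every advertised length is validated against len(buf) before any slice uses it,
    so a malformed length field leads to a dropped packet, not an out-of-bounds read.
    """
    if len(buf) < 20:                      # not even a minimal IPv4 header
        return None
    ver_ihl, _tos, ip_len, _ident, _frag, _ttl, proto, _csum, _src, _dst = \
        struct.unpack("!BBHHHBBH4s4s", buf[:20])
    ihl = (ver_ihl & 0x0F) * 4             # header length in bytes (IHL is in 32-bit words)
    if (ver_ihl >> 4) != 4 or ihl < 20 or ihl > len(buf):
        return None
    # Core check: the IP total length must cover both headers and must not claim
    # more bytes than were actually received (link-layer padding beyond it is ignored).
    if ip_len < ihl + 8 or ip_len > len(buf):
        return None
    if proto != IPPROTO_UDP:
        return None
    sport, dport, udp_len, _ucsum = struct.unpack("!HHHH", buf[ihl:ihl + 8])
    # The UDP length must likewise fit inside the validated IP payload.
    if udp_len < 8 or udp_len > ip_len - ihl:
        return None
    return sport, dport, buf[ihl + 8:ihl + udp_len]


def build_packet(payload: bytes, ip_len=None, udp_len=None) -> bytes:
    """Construct an IPv4/UDP datagram (client port 68 -> server port 67).

    ip_len / udp_len override the correct values so malformed inputs can be built.
    Checksums are left as zero; this is test data, not a real capture.
    """
    udp_len = 8 + len(payload) if udp_len is None else udp_len
    ip_len = 20 + 8 + len(payload) if ip_len is None else ip_len
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_len, 0, 0, 64, IPPROTO_UDP, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))   # constructed addresses
    udp_hdr = struct.pack("!HHHH", 68, 67, udp_len, 0)
    return ip_hdr + udp_hdr + payload


# Constructed stub resembling the start of a BOOTP/DHCP request (op=1, htype=1, hlen=6).
SAMPLE_PAYLOAD = b"\x01\x01\x06\x00" + b"\x00" * 8
```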
repo_admin.py --cherrypick -r 4.0 -s errata4.0-4 --releasedest 4.1 --dest errata4.1-1 -p isc-dhcp
Package: isc-dhcp
Version: 4.2.2.dfsg.1-5+deb70u8.37.201602231237
Branch: ucs_4.1-0
Scope: errata4.1-1
r67630 | Bug #40545 dhcp: YAML
4.1-1 isc-dhcp.yaml
Another issue, maybe we can pick up the patch too if it is available in the short term:
* ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. (CVE-2016-2774)
(In reply to Arvid Requate from comment #2)
> Another issue, maybe we can pick up the patch too if it is available in the short term:
>
> * ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. (CVE-2016-2774)

This is a minor issue, ignored.
Tests (amd64): OK
Advisory: OK
<http://errata.software-univention.de/ucs/4.1/138.html>