Oval Definition:oval:com.redhat.rhsa:def:20110256
Revision Date:2011-02-15Version:636
Title:RHSA-2011:0256: dhcp security update (Moderate)
Description:The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. DHCPv6 is the DHCP protocol version for IPv6 networks.

  • A flaw was found in the way the dhcpd daemon processed certain DHCPv6 messages for addresses that had previously been declined and marked as abandoned internally. If a remote attacker sent such messages to dhcpd, it could cause dhcpd to crash due to an assertion failure if it was running as a DHCPv6 server. (CVE-2011-0413)

    Red Hat would like to thank Internet Systems Consortium for reporting this issue.

    Users running dhcpd as a DHCPv6 server should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-0413
    CVE-2011-0413
    RHSA-2011:0256
    RHSA-2011:0256-01
    RHSA-2011:0256-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • dhclient is earlier than 12:4.1.1-12.P1.el6_0.2
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 12:4.1.1-12.P1.el6_0.2
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 12:4.1.1-12.P1.el6_0.2
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
    • BACK