Oval Definition:oval:com.redhat.rhsa:def:20121140
Revision Date:2012-08-03Version:634
Title:RHSA-2012:1140: dhcp security update (Moderate)
Description:The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.

  • A denial of service flaw was found in the way the dhcpd daemon handled zero-length client identifiers. A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2012-3571)

    Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as the original reporter of this issue.

    Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all DHCP servers will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2012-3571
    RHSA-2012:1140
    RHSA-2012:1140-00
    RHSA-2012:1140-01
    RHSA-2012:1140-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • dhclient is earlier than 12:3.0.5-31.el5_8.1
  • AND dhclient is signed with Red Hat redhatrelease2 key
  • dhcp is earlier than 12:3.0.5-31.el5_8.1
  • AND dhcp is signed with Red Hat redhatrelease2 key
  • dhcp-devel is earlier than 12:3.0.5-31.el5_8.1
  • AND dhcp-devel is signed with Red Hat redhatrelease2 key
  • libdhcp4client is earlier than 12:3.0.5-31.el5_8.1
  • AND libdhcp4client is signed with Red Hat redhatrelease2 key
  • libdhcp4client-devel is earlier than 12:3.0.5-31.el5_8.1
  • AND libdhcp4client-devel is signed with Red Hat redhatrelease2 key
    • BACK