Vulnerability Name: CVE-2007-0062 (CCN-33102) Assigned: 2007-09-19 Published: 2007-09-19 Updated: 2018-10-16 Summary: Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C 7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-189 CWE-119 Vulnerability Consequences: Gain Access References: Source: CCNVMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player http://bugs.gentoo.org/show_bug.cgi?id=227135 CVE-2007-0062 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player SUSE-SR:2009:005 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player VMWare Products Multiple Vulnerabilities 26890 27694 27706 31396 34263 GLSA-200711-23 GLSA-200808-05 VMware DHCP Bugs Let Remote Users Execute Arbitrary Code http://wiki.rpath.com/Advisories:rPSA-2009-0041 VMware Workstation and Player: Multiple vulnerabilities ISC DHCP: Denial of Service VMWare DHCP Server Remote Code Execution Vulnerabilities 20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities MDVSA-2009:153 VMware Multiple Products DHCP Server Packet Handling Multiple Remote Overflows 20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client 25729 VMware Workstation DHCP Server Multiple Remote Code Execution Vulnerabilities 1018717 VMWare vulnerabilities USN-543-1 http://www.vmware.com/support/ace/doc/releasenotes_ace.html http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html http://www.vmware.com/support/player/doc/releasenotes_player.html http://www.vmware.com/support/player2/doc/releasenotes_player2.html http://www.vmware.com/support/server/doc/releasenotes_server.html http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html VMware Workstation 6.0 Release Notes http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ADV-2007-3229 https://bugzilla.redhat.com/show_bug.cgi?id=339561 dhcp-param-overflow(33102) dhcp-param-overflow(33102) SUSE Security Summary Report Vulnerable Configuration: Configuration 1 :cpe:/a:vmware:ace:1.0.3:*:*:*:*:*:*:* OR cpe:/a:vmware:ace:2.0:*:*:*:*:*:*:* OR cpe:/a:vmware:player:1.0.4:*:*:*:*:*:*:* OR cpe:/a:vmware:player:2.0:*:*:*:*:*:*:* OR cpe:/a:vmware:server:1.0.3:*:*:*:*:*:*:* OR cpe:/a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:3.4:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.0:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.0.1:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.0.2:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.5.2:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.1:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.4:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:6.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:vmware:workstation:4.0:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.1:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:6.0:*:*:*:*:*:*:* OR cpe:/a:vmware:ace:2.0:*:*:*:*:*:*:* OR cpe:/a:vmware:ace:1.0.3:*:*:*:*:*:*:* OR cpe:/a:vmware:server:1.0.3:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:3.4:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.0.1:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.0.2:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:4.5.2:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.4:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:* OR cpe:/a:vmware:workstation:6.0.1:*:*:*:*:*:*:* AND cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:* OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:* Oval Definitions BACK
vmware ace 1.0.3
vmware ace 2.0
vmware player 1.0.4
vmware player 2.0
vmware server 1.0.3
vmware vmware workstation 6.0.1
vmware workstation 3.4
vmware workstation 4.0
vmware workstation 4.0.1
vmware workstation 4.0.2
vmware workstation 4.5.2
vmware workstation 5.5.0_build_13124
vmware workstation 5.5.1
vmware workstation 5.5.1_build_19175
vmware workstation 5.5.3_build_34685
vmware workstation 5.5.3_build_42958
vmware workstation 5.5.4
vmware workstation 5.5.4_build_44386
vmware workstation 6.0
vmware workstation 4.0
vmware workstation 5.5.1
vmware workstation 6.0
vmware ace 2.0
vmware ace 1.0.3
vmware server 1.0.3
vmware workstation 3.4
vmware workstation 4.0.1
vmware workstation 4.0.2
vmware workstation 4.5.2
vmware workstation 5.5.0_build_13124
vmware workstation 5.5.1_build_19175
vmware workstation 5.5.3_build_34685
vmware workstation 5.5.3_build_42958
vmware workstation 5.5.4
vmware workstation 5.5.4_build_44386
vmware workstation 6.0.1
gentoo linux *
mandrakesoft mandrake linux corporate server 3.0
mandrakesoft mandrake multi network firewall 2.0
canonical ubuntu 6.06
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 3.0
mandrakesoft mandrake linux 2008.0
canonical ubuntu 7.04
mandrakesoft mandrake linux 2008.0
mandrakesoft mandrake linux 2008.1 x86_64
mandrakesoft mandrake linux 2008.1
Denotes that component is vulnerable