ISS RealSecure Network Sensor Malformed DHCP Packet DoS
Remote / Network Access
Denial of Service
Loss of Availability
ISS RealSecure Network Sensor contains a flaw that may allow a remote denial of service. The issuse can be triggered by an attacker sending specially-crafted DHCP traffic that will result in an illegal attempt to de-reference a null
memory pointer, and will result in loss of availability for the service.
Install RealSecure X-Press Update 4.3 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by disabling the three vulnerable DHCP signatures:
DHCP_ACK (7131), DHCP_Discover (7132), and DHCP_Request (7133)