CVE-2003-0039
CVSS5.0
发布时间 :2003-02-07 00:00:00
修订时间 :2016-10-17 22:28:41
NMCOS    

[原文]ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.


[CNNVD]ISC DHCPD dhcrelay外部网络数据包漏洞(CNNVD-200302-016)

        ISC dhcrelay (dhcp-relay) 3.0rc9及其之前版本,以及可能其他版本存在漏洞。远程攻击者可以借助被转发到广播MAC地址的特定BOOTP数据包导致服务拒绝,该漏洞导致不能被跳计数限制的无限循环。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:isc:dhcpd:3.0.1:rc3ISC DHCPD 3.0.1 rc3
cpe:/a:isc:dhcpd:3.0.1:rc4ISC DHCPD 3.0.1 rc4
cpe:/a:isc:dhcpd:3.0.1:rc1ISC DHCPD 3.0.1 rc1
cpe:/a:isc:dhcpd:3.0.1:rc2ISC DHCPD 3.0.1 rc2
cpe:/a:isc:dhcpd:3.0.1:rc7ISC DHCPD 3.0.1 rc7
cpe:/a:isc:dhcpd:3.0.1:rc8ISC DHCPD 3.0.1 rc8
cpe:/a:isc:dhcpd:3.0.1:rc5ISC DHCPD 3.0.1 rc5
cpe:/a:isc:dhcpd:3.0.1:rc6ISC DHCPD 3.0.1 rc6
cpe:/a:isc:dhcpd:3.0.1:rc10ISC DHCPD 3.0.1 rc10
cpe:/a:isc:dhcpd:3.0.1:rc9ISC DHCPD 3.0.1 rc9

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0039
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0039
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200302-016
(官方数据源) CNNVD

- 其它链接及资源

http://cc.turbolinux.com/security/TLSA-2003-26.txt
(UNKNOWN)  TURBO  TLSA-2003-26
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000616
(UNKNOWN)  CONECTIVA  CLSA-2003:616
http://marc.info/?l=bugtraq&m=104310927813830&w=2
(UNKNOWN)  BUGTRAQ  20030115 DoS against DHCP infrastructure with isc dhcrelay
http://www.debian.org/security/2003/dsa-245
(VENDOR_ADVISORY)  DEBIAN  DSA-245
http://www.kb.cert.org/vuls/id/149953
(UNKNOWN)  CERT-VN  VU#149953
http://www.openpkg.org/security/OpenPKG-SA-2003.012-dhcpd.html
(UNKNOWN)  BUGTRAQ  20030219 [OpenPKG-SA-2003.012] OpenPKG Security Advisory (dhcpd)
http://www.redhat.com/support/errata/RHSA-2003-034.html
(UNKNOWN)  REDHAT  RHSA-2003:034
http://www.securityfocus.com/bid/6628
(UNKNOWN)  BID  6628
http://xforce.iss.net/xforce/xfdb/11187
(VENDOR_ADVISORY)  XF  dhcp-dhcrelay-dos(11187)

- 漏洞信息

ISC DHCPD dhcrelay外部网络数据包漏洞
中危 其他
2003-02-07 00:00:00 2005-05-13 00:00:00
远程  
        ISC dhcrelay (dhcp-relay) 3.0rc9及其之前版本,以及可能其他版本存在漏洞。远程攻击者可以借助被转发到广播MAC地址的特定BOOTP数据包导致服务拒绝,该漏洞导致不能被跳计数限制的无限循环。

- 公告与补丁

        Conectiva Linux has released an advisory (CLA-2003:616). Information about applying fixes is available in the referenced advisory. Fixes are available below.
        Debian has made fixes available. See referenced advisory DSA 245-1 for additional details.
        OpenPKG has released a security advisory (OpenPKG-SA-2003.012) which contains fix information. OpenPKG users are advised to upgrade their dhcpd packages as soon as possible.
        Conectiva has also released an advisory (CLSA-2003:791) including a fix to address this issue in CLEE 1.0.
        Fixes:
        ISC DHCPD 3.0 pl1
        
        ISC DHCPD 3.0.1 rc11
        
        ISC DHCPD 3.0.1 rc9
        

- 漏洞信息

12645
ISC dhcrelay (dhcp-relay) DHCP Server DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-01-15 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

ISC DHCPD dhcrelay Extraneous Network Packets Vulnerability
Failure to Handle Exceptional Conditions 6628
Yes No
2003-01-15 12:00:00 2009-07-11 07:17:00
This vulnerability was reported by Florian Lohoff <flo@rfc822.org>.

- 受影响的程序版本

ISC DHCPD 3.0.1 rc9
+ Conectiva Linux Enterprise Edition 1.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ OpenPKG OpenPKG 1.1
+ S.u.S.E. Linux 8.1
ISC DHCPD 3.0.1 rc8
ISC DHCPD 3.0.1 rc7
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
ISC DHCPD 3.0.1 rc6
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
ISC DHCPD 3.0.1 rc5
ISC DHCPD 3.0.1 rc4
+ OpenPKG OpenPKG 1.0
ISC DHCPD 3.0.1 rc3
ISC DHCPD 3.0.1 rc2
ISC DHCPD 3.0.1 rc11
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG Current
ISC DHCPD 3.0.1 rc10
+ OpenPKG OpenPKG Current
ISC DHCPD 3.0.1 rc1
ISC DHCPD 3.0 pl1
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ Slackware Linux 8.1
ISC DHCPD 3.0
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 8.0
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
- S.u.S.E. Linux 8.0
- S.u.S.E. Linux 7.3
- S.u.S.E. Linux 7.2
- S.u.S.E. Linux Connectivity Server
- S.u.S.E. Linux Database Server 0
- S.u.S.E. Linux Enterprise Server for S/390
- S.u.S.E. SuSE eMail Server III
- SuSE SUSE Linux Enterprise Server 7
ISC DHCPD 3.0.1 rc11
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG Current
ISC DHCPD 3.0 pl2

- 不受影响的程序版本

ISC DHCPD 3.0.1 rc11
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG Current
ISC DHCPD 3.0 pl2

- 漏洞讨论

It is possible for an attacker to cause dhcrelay to send numerous DHCP packets to a DHCP server. This may result in a denial of DHCP service or cause the DHCP server to behave in an unpredictable manner.

It is possible to exploit this vulnerability by issuing a BOOTP request with a value for the giaddr field. This will result in the dhcrelay service forwarding the packet to the DHCP server in an unending loop.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

Conectiva Linux has released an advisory (CLA-2003:616). Information about applying fixes is available in the referenced advisory. Fixes are available below.

Debian has made fixes available. See referenced advisory DSA 245-1 for additional details.

OpenPKG has released a security advisory (OpenPKG-SA-2003.012) which contains fix information. OpenPKG users are advised to upgrade their dhcpd packages as soon as possible.

Conectiva has also released an advisory (CLSA-2003:791) including a fix to address this issue in CLEE 1.0.

Fixes:


ISC DHCPD 3.0 pl1

ISC DHCPD 3.0.1 rc11

ISC DHCPD 3.0.1 rc9

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站