Mandriva Update For Dhcp MDVSA-2012:153-1 (dhcp) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A security issue was identified and fixed in dhcp: ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced (CVE-2012-3955). The updated packages have been patched to correct this issue. Update: Packages for Mandriva Linux 2011 is being provided. The updated packages have been upgraded to dhcp 4.2.4-P2 which is not vulnerable to this issue.

Affected

dhcp on Mandriva Linux 2011.0

Severity

Classification

CVE CVE-2012-3955
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:103 (udev)
Mandrake Security Advisory MDVSA-2009:083 (mozilla-thunderbird)
Mandrake Security Advisory MDVSA-2009:131-1 (apr-util)
Mandrake Security Advisory MDVSA-2009:013 (mplayer)
Mandrake Security Advisory MDVSA-2009:088 (wireshark)

Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)

Take action and discover your vulnerabilities