[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-8605Date: (C)2016-02-11   (M)2023-12-22


ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.5CVSS Score : 5.7
Exploit Score: 2.8Exploit Score: 5.5
Impact Score: 3.6Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORKAccess Vector: ADJACENT_NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: NONEAvailability: COMPLETE
Integrity: NONE 
Availability: HIGH 
  
Reference:
SECTRACK-1034657
BID-80703
DSA-3442
FEDORA-2016-0c5bb21bf1
FEDORA-2016-adb533a418
USN-2868-1
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
https://kb.isc.org/article/AA-01334
openSUSE-SU-2016:0601
openSUSE-SU-2016:0610

CPE    78
cpe:/o:debian:debian_linux:9.0
cpe:/a:isc:dhcp:4.3.2:b1
cpe:/a:isc:dhcp:4.0.2:p1
cpe:/a:isc:dhcp:4.2.7:b1
...
CWE    1
CWE-20
OVAL    7
oval:org.secpod.oval:def:602328
oval:org.secpod.oval:def:89045290
oval:org.secpod.oval:def:1600339
oval:org.secpod.oval:def:52668
...

© SecPod Technologies