CentOS Update For Dhclient CESA-2011:1160 Centos5 X86_64 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. Two denial of service flaws were found in the way the dhcpd daemon handled certain incomplete request packets. A remote attacker could use these flaws to crash dhcpd via a specially-crafted request. (CVE-2011-2748, CVE-2011-2749) Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct these issues. After installing this update, all DHCP servers will be restarted automatically.

Affected

dhclient on CentOS 5

References

http://lists.centos.org/pipermail/centos-announce/2011-September/017800.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2748, CVE-2011-2749

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0398 (seamonkey)
CentOS Security Advisory CESA-2009:1178 (python)
CentOS Security Advisory CESA-2009:0325-01 (seamonkey)
CentOS Security Advisory CESA-2009:0480 (poppler)
CentOS Security Advisory CESA-2009:0257 (seamonkey)

CentOS Update for dhclient CESA-2011:1160 centos5 x86_64

Take action and discover your vulnerabilities