Mandriva Update For Dhcp MDVSA-2012:153-1 (dhcp) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A security issue was identified and fixed in dhcp: ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced (CVE-2012-3955). The updated packages have been patched to correct this issue. Update: Packages for Mandriva Linux 2011 is being provided. The updated packages have been upgraded to dhcp 4.2.4-P2 which is not vulnerable to this issue.

Affected

dhcp on Mandriva Linux 2011.0

Severity

Classification

CVE CVE-2012-3955

CVSS	Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:185 (firefox)
Mandrake Security Advisory MDVSA-2009:106 (libwmf)
Mandrake Security Advisory MDVSA-2009:064 (imap)
Mandrake Security Advisory MDVSA-2009:150 (libtiff)
Mandrake Security Advisory MDVSA-2009:036 (python)

Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)

Take action and discover your vulnerabilities