Solution
Please Install the Updated Packages.
Insight
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address.
Two denial of service flaws were found in the way the dhcpd daemon handled certain incomplete request packets. A remote attacker could use these flaws to crash dhcpd via a specially-crafted request. (CVE-2011-2748, CVE-2011-2749)
Users of DHCP should upgrade to these updated packages, which contain a backported patch to correct these issues. After installing this update, all DHCP servers will be restarted automatically.
Affected
dhcp on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 4
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-2748, CVE-2011-2749 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities