FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-29 17:22:06 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2040c7f5-1e3a-11e8-8ae9-0050569f0b83	isc-dhcp -- Multiple vulnerabilities ISC reports: Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Discovery 2018-02-21 Entry 2018-03-02 isc-dhcp44-server < 4.4.1 isc-dhcp44-client < 4.4.1 isc-dhcp43-server le 4.3.6 isc-dhcp43-client le 4.3.6 CVE-2018-5732 CVE-2018-5733 https://kb.isc.org/article/AA-01565 https://kb.isc.org/article/AA-01567
05eeb7e9-b987-11e5-83ef-14dae9d210b8	isc-dhcpd -- Denial of Service ISC reports: A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or relay program to terminate abnormally. Discovery 2016-01-05 Entry 2016-01-12 isc-dhcp41-server < 4.1.e_10,2 isc-dhcp41-client < 4.1.e_3,2 isc-dhcp41-relay < 4.1.e_6,2 isc-dhcp42-client isc-dhcp42-server isc-dhcp42-relay ge 0 isc-dhcp43-client isc-dhcp43-server isc-dhcp43-relay < 4.3.3.p1 https://kb.isc.org/article/AA-01334 CVE-2015-8605

VuXML ID

Description

2040c7f5-1e3a-11e8-8ae9-0050569f0b83

isc-dhcp -- Multiple vulnerabilities

ISC reports:

Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.

Discovery 2018-02-21
Entry 2018-03-02
isc-dhcp44-server

< 4.4.1

isc-dhcp44-client

< 4.4.1

isc-dhcp43-server

le 4.3.6

isc-dhcp43-client

le 4.3.6

CVE-2018-5732
CVE-2018-5733
https://kb.isc.org/article/AA-01565
https://kb.isc.org/article/AA-01567

05eeb7e9-b987-11e5-83ef-14dae9d210b8

isc-dhcpd -- Denial of Service

ISC reports:

A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or relay program to terminate abnormally.

Discovery 2016-01-05
Entry 2016-01-12
isc-dhcp41-server

< 4.1.e_10,2

isc-dhcp41-client

< 4.1.e_3,2

isc-dhcp41-relay

< 4.1.e_6,2

isc-dhcp42-client
isc-dhcp42-server
isc-dhcp42-relay

ge 0

isc-dhcp43-client
isc-dhcp43-server
isc-dhcp43-relay

< 4.3.3.p1

https://kb.isc.org/article/AA-01334
CVE-2015-8605