CVE-2016-2774

Related Files

Ubuntu Security Notice USN-3586-1

Posted Mar 1, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3586-1 - Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that the DHCP server incorrectly handled socket descriptors. A remote attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, tcp

systems | linux, ubuntu

advisories | CVE-2016-2774, CVE-2017-3144, CVE-2018-5732, CVE-2018-5733

SHA-256 | dedc59b7599b4b9b715d94bc53abc59c0eb765ff7b858e2fedaea16f08651d22

Download | Favorite | View

Red Hat Security Advisory 2016-2590-02

Posted Nov 4, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2590-02 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix: A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections to OMAPI and failover ports. A remote attacker able to establish TCP connections to one of these ports could use this flaw to cause dhcpd to exit unexpectedly, stop responding requests, or exhaust system sockets.

tags | advisory, remote, tcp, protocol

systems | linux, redhat

advisories | CVE-2016-2774

SHA-256 | cfb474006c647556760192872b3a36a511d0e196613ecae628a7e928d757d409

Download | Favorite | View