CVE-2007-5365
Last modified
CVE-2007-5365 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.. EPSS estimates a 80.27% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Debian | Debian Linux | 3.1 | — |
| Debian | Debian Linux | 4.0 | — |
| Openbsd | Openbsd | 4.0 | — |
| Openbsd | Openbsd | 4.1 | — |
| Openbsd | Openbsd | 4.2 | — |
| Redhat | Enterprise Linux | 2.1 | — |
| Redhat | Linux Advanced Workstation | 2.1 | — |
| Sun | Opensolaris | snv_01 | — |
| Sun | Opensolaris | snv_02 | — |
| Sun | Opensolaris | snv_03 | — |
| Sun | Opensolaris | snv_04 | — |
| Sun | Opensolaris | snv_05 | — |
| Sun | Opensolaris | snv_06 | — |
| Sun | Opensolaris | snv_07 | — |
| Sun | Opensolaris | snv_08 | — |
| Sun | Opensolaris | snv_09 | — |
| Sun | Opensolaris | snv_10 | — |
| Sun | Opensolaris | snv_11 | — |
| Sun | Opensolaris | snv_12 | — |
| Sun | Opensolaris | snv_13 | — |
| Sun | Opensolaris | snv_14 | — |
| Sun | Opensolaris | snv_15 | — |
| Sun | Opensolaris | snv_16 | — |
| Sun | Opensolaris | snv_17 | — |
| Sun | Opensolaris | snv_18 | — |
| Sun | Opensolaris | snv_19 | — |
| Sun | Opensolaris | snv_20 | — |
| Sun | Opensolaris | snv_21 | — |
| Sun | Opensolaris | snv_22 | — |
| Sun | Opensolaris | snv_23 | — |
| Sun | Opensolaris | snv_24 | — |
| Sun | Opensolaris | snv_25 | — |
| Sun | Opensolaris | snv_26 | — |
| Sun | Opensolaris | snv_27 | — |
| Sun | Opensolaris | snv_28 | — |
| Sun | Opensolaris | snv_29 | — |
| Sun | Opensolaris | snv_30 | — |
| Sun | Opensolaris | snv_31 | — |
| Sun | Opensolaris | snv_32 | — |
| Sun | Opensolaris | snv_33 | — |
| Sun | Opensolaris | snv_34 | — |
| Sun | Opensolaris | snv_35 | — |
| Sun | Opensolaris | snv_36 | — |
| Sun | Opensolaris | snv_37 | — |
| Sun | Opensolaris | snv_38 | — |
| Sun | Opensolaris | snv_39 | — |
| Sun | Opensolaris | snv_40 | — |
| Sun | Opensolaris | snv_41 | — |
| Sun | Opensolaris | snv_42 | — |
| Sun | Opensolaris | snv_43 | — |
Showing 50 of 116 affected configurations. See NVD for the full list.
References
- http://secunia.com/advisories/27160Vendor Advisory
- http://secunia.com/advisories/27273Vendor Advisory
- http://secunia.com/advisories/27338Vendor Advisory
- http://secunia.com/advisories/27350Vendor Advisory
- http://secunia.com/advisories/32668Vendor Advisory
- http://www.vupen.com/english/advisories/2008/3088Vendor Advisory
- http://secunia.com/advisories/27160Vendor Advisory
- http://secunia.com/advisories/27273Vendor Advisory
- http://secunia.com/advisories/27338Vendor Advisory
- http://secunia.com/advisories/27350Vendor Advisory
- http://secunia.com/advisories/32668Vendor Advisory
- http://www.vupen.com/english/advisories/2008/3088Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-5365?
How severe is CVE-2007-5365?
How do I fix CVE-2007-5365?
Are you affected by CVE-2007-5365?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST