CVE - CVE-2007-5365

CVE-ID
CVE-2007-5365	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:25984 URL:http://www.securityfocus.com/bid/25984 BID:32213 URL:http://www.securityfocus.com/bid/32213 BUGTRAQ:20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSDâ??s DHCP server URL:http://www.securityfocus.com/archive/1/482085/100/100/threaded BUGTRAQ:20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365) URL:http://www.securityfocus.com/archive/1/483230/100/100/threaded CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354 CONFIRM:~~http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1~~ (Obsolete source) CONFIRM:http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c DEBIAN:DSA-1388 URL:http://www.debian.org/security/2007/dsa-1388 EXPLOIT-DB:4601 URL:https://www.exploit-db.com/exploits/4601 MISC:http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962 OPENBSD:[4.0] 20071008 016: SECURITY FIX: October 8, 2007 URL:http://www.openbsd.org/errata40.html#016_dhcpd OPENBSD:[4.1] 20071008 010: SECURITY FIX: October 8, 2007 URL:http://www.openbsd.org/errata41.html#010_dhcpd OPENBSD:[4.2] 20071008 001: SECURITY FIX: October 8, 2007 URL:http://www.openbsd.org/errata42.html#001_dhcpd OVAL:oval:org.mitre.oval:def:5817 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817 REDHAT:RHSA-2007:0970 URL:http://www.redhat.com/support/errata/RHSA-2007-0970.html SECTRACK:1018794 URL:http://www.securitytracker.com/id?1018794 SECTRACK:1021157 URL:http://securitytracker.com/id?1021157 SECUNIA:27160 URL:http://secunia.com/advisories/27160 SECUNIA:27273 URL:http://secunia.com/advisories/27273 SECUNIA:27338 URL:http://secunia.com/advisories/27338 SECUNIA:27350 URL:http://secunia.com/advisories/27350 SECUNIA:32668 URL:http://secunia.com/advisories/32668 SUNALERT:243806 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1~~ (Obsolete source) UBUNTU:USN-531-1 URL:http://www.ubuntu.com/usn/usn-531-1 UBUNTU:USN-531-2 URL:http://www.ubuntu.com/usn/usn-531-2 VUPEN:ADV-2008-3088 URL:~~http://www.vupen.com/english/advisories/2008/3088~~ (Obsolete source) XF:openbsd-dhcp-bo(37045) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/37045
Assigning CNA
MITRE Corporation
Date Record Created
20071010	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071010)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)