RHEL 6 / 7 : ISC DHCP Concurrent TCP Sessions DoS

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

RedHat Enterprise Linux 6 / 7 is affected by a denial of service
vulnerability in the bundled ISC DHCP server due to a failure to
properly restrict the number of concurrent TCP sessions to the ports
the server uses for inter-process communications and control. An
unauthenticated, remote attacker can exploit this, by opening a large
number of TCP sessions, to cause the server to fail to process
requests or to exit unexpectedly, or to cause an exhaustion of system
sockets.

Note that this vulnerability is more easily exploited when the DHCP
server is using OMAPI for remote management.

See also :

https://access.redhat.com/security/cve/cve-2016-2774
https://kb.isc.org/article/AA-01354

Solution :

Restrict access to the DHCP server to trusted networks and peers only.

Note that RedHat, at this time, has deferred the fix for RedHat
Enterprise Linux 6 / 7 to a later date.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:F/RL:TF/RC:ND)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 90250 ()

Bugtraq ID:

CVE ID: CVE-2016-2774

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now