F5 Networks BIG-IP : DHCP client vulnerability (K08306700)
Medium Nessus Plugin ID 118625
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAn out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. (CVE-2018-5732)
An attacker can cause a denial of service (DoS) of DHCP functionality on the F5 product management interface.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K08306700.