Oracle Solaris Third-Party Patch Update : isc-dhcp (cve_2011_4539_denial_of)
Medium Nessus Plugin ID 80646
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. (CVE-2011-4539)
SolutionUpgrade to Solaris 11/11 SRU 04.