Oracle Solaris Third-Party Patch Update : isc-dhcp (cve_2012_3955_denial_of)
High Nessus Plugin ID 80648
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. (CVE-2012-3955)
SolutionUpgrade to Solaris 11/11 SRU 13.4.