FreeBSD : kea -- unexpected termination while handling a malformed packet (59e7eb28-b309-11e5-af83-80ee73b5dcf5)

medium Nessus Plugin ID 87744

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

ISC Support reports :

ISC Kea may terminate unexpectedly (crash) while handling a malformed client packet. Related defects in the kea-dhcp4 and kea-dhcp6 servers can cause the server to crash during option processing if a client sends a malformed packet. An attacker sending a crafted malformed packet can cause an ISC Kea server providing DHCP services to IPv4 or IPv6 clients to exit unexpectedly.

- The kea-dhcp4 server is vulnerable only in versions 0.9.2 and 1.0.0-beta, and furthermore only when logging at debug level 40 or higher. Servers running kea-dhcp4 versions 0.9.1 or lower, and servers which are not logging or are logging at debug level 39 or below are not vulnerable.

- The kea-dhcp6 server is vulnerable only in versions 0.9.2 and 1.0.0-beta, and furthermore only when logging at debug level 45 or higher. Servers running kea-dhcp6 versions 0.9.1 or lower, and servers which are not logging or are logging at debug level 44 or below are not vulnerable.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?7d30aa3c

http://www.nessus.org/u?b18e545c

Plugin Details

Severity: Medium

ID: 87744

File Name: freebsd_pkg_59e7eb28b30911e5af8380ee73b5dcf5.nasl

Version: 2.4

Type: local

Published: 1/6/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:kea, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/4/2016

Vulnerability Publication Date: 12/15/2015

Reference Information

CVE: CVE-2015-8373