The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2519 advisory.

    The redhat-virtualization-host packages provide the Red Hat Virtualization Host.
    These packages include redhat-release-virtualization-host. Red Hat     Virtualization Hosts (RHVH) are installed using a special build of Red Hat     Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user     interface for monitoring the host's resources and     performing administrative tasks.

    Security Fix(es):

    * glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits     to 32 bits (CVE-2021-27219)

    * hw: vt-d related privilege escalation (CVE-2020-24489)

    * dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or     lease files in dhcpd and dhclient (CVE-2021-25217)

    For more details about the security issue(s), including the impact, a CVSS score, and other related     information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4969-2 advisory.

    USN-4969-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 14.04     ESM and 16.04 ESM.



Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4969-1 advisory.

    Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A     remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2357 advisory.

    The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP     network to get their own network configuration information, including an IP address, a subnet mask, and a     broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and     administer DHCP on a network.

    Security Fix(es):

    * dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or     lease files in dhcpd and dhclient (CVE-2021-25217)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:2357-1 advisory.

  - dhcp: stack-based buffer overflow when parsing statements with  colon- separated hex digits in config or     lease files in dhcpd and dhclient (CVE-2021-25217)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2416 advisory.

    The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP     network to get their own network configuration information, including an IP address, a subnet mask, and a     broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and     administer DHCP on a network.

    Security Fix(es):

    * dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or     lease files in dhcpd and dhclient (CVE-2021-25217)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2359 advisory.

    The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP     network to get their own network configuration information, including an IP address, a subnet mask, and a     broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and     administer DHCP on a network.

    Security Fix(es):

    * dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or     lease files in dhcpd and dhclient (CVE-2021-25217)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of dhcp installed on the remote host is prior to 4.1.1-53.P1.29. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1510 advisory.

    A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the     code that handles encapsulated option information in leases transmitted on the wire and the code which     reads and parses lease information after it has been written to disk storage. This flaw allows an attacker     to deliberately cause a situation where dhcpd while running in DHCPv4 or DHCPv6 mode, or the dhclient     attempts to read a stored lease that contains option information, to trigger a stack-based buffer overflow     in the option parsing code for colon-separated hex digits values. The highest threat from this     vulnerability is to data confidentiality and integrity as well as service availability. (CVE-2021-25217)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dhcp packages installed that are affected by a vulnerability:

  - In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases     in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no     longer supported by ISC. From inspection it is clear that the defect is also present in releases from     those series, but they have not been officially tested for the vulnerability), The outcome of encountering     the defect while reading a lease that will trigger it varies, according to: the component being affected     (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler     flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced     the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when     reading an improper lease, which could cause network connectivity problems for an affected system due to     the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd     server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to     the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in     lack of service to clients. Additionally, the offending lease and the lease immediately following it in     the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit     architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not     occur, but it is possible for the offending lease and the lease which immediately followed it to be     improperly deleted. (CVE-2021-25217)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K08832573 advisory.

  - In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases     in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no     longer supported by ISC. From inspection it is clear that the defect is also present in releases from     those series, but they have not been officially tested for the vulnerability), The outcome of encountering     the defect while reading a lease that will trigger it varies, according to: the component being affected     (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler     flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced     the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when     reading an improper lease, which could cause network connectivity problems for an affected system due to     the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd     server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to     the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in     lack of service to clients. Additionally, the offending lease and the lease immediately following it in     the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit     architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not     occur, but it is possible for the offending lease and the lease which immediately followed it to be     improperly deleted. (CVE-2021-25217)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients.
Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack- protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	Name	Product	Family	Published	Updated	Severity
150951	RHEL 7 : RHV-H security update (redhat-virtualization-host) 4.3.16 (Important) (RHSA-2021:2519)	Nessus	Red Hat Local Security Checks	6/22/2021	11/7/2024	high
150028	Ubuntu 16.04 ESM : DHCP vulnerability (USN-4969-2)	Nessus	Ubuntu Local Security Checks	5/27/2021	10/29/2024	high
150030	Ubuntu 18.04 LTS / 20.04 LTS : DHCP vulnerability (USN-4969-1)	Nessus	Ubuntu Local Security Checks	5/27/2021	8/27/2024	high
150432	RHEL 7 : dhcp (RHSA-2021:2357)	Nessus	Red Hat Local Security Checks	6/10/2021	11/7/2024	high
150760	Scientific Linux Security Update : dhcp on SL7.x i686/x86_64 (2021:2357)	Nessus	Scientific Linux Local Security Checks	6/14/2021	12/13/2023	high
150822	RHEL 8 : dhcp (RHSA-2021:2416)	Nessus	Red Hat Local Security Checks	6/16/2021	11/7/2024	high
150826	RHEL 8 : dhcp (RHSA-2021:2359)	Nessus	Red Hat Local Security Checks	6/16/2021	3/6/2025	high
151509	Amazon Linux AMI : dhcp (ALAS-2021-1510)	Nessus	Amazon Linux Local Security Checks	7/13/2021	12/11/2024	high
160866	NewStart CGSL CORE 5.05 / MAIN 5.05 : dhcp Vulnerability (NS-SA-2022-0027)	Nessus	NewStart CGSL Local Security Checks	5/10/2022	10/30/2023	high
161405	F5 Networks BIG-IP : DHCP vulnerability (K08832573)	Nessus	F5 Networks Local Security Checks	5/20/2022	1/4/2024	high
501623	Siemens DHCP Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-25217)	Tenable OT Security	Tenable.ot	9/14/2023	2/21/2024	high

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high

high

high

high

high