oss-sec mailing list archives
New vulnerability in Kea DHCP servers (CVE-2015-8373) is now public
From: ISC Security Officer <security-officer () isc org>
Date: Tue, 22 Dec 2015 22:31:05 +0100
Please be advised that ISC publicly announced a critical vulnerability in the Kea DHCP servers. The CVE-2015-8373 is a denial-of-service vector which can be exploited remotely against DHCPv4 and DHCPv6 servers by sending malformed packet. Please find the details in the security advisory. https://kb.isc.org/article/AA-01318 New releases of Kea, including security fixes for this vulnerability, are available at: www.isc.org/downloads/ Release notes can be obtained using the following links: ftp://ftp.isc.org/isc/kea/0.9.2-P1/KeaReleaseNotes092P1.txt ftp://ftp.isc.org/isc/kea/1.0.0-beta2/KeaReleaseNotes100beta2.txt Marcin Siodelski (as ISC Security Officer)
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- New vulnerability in Kea DHCP servers (CVE-2015-8373) is now public ISC Security Officer (Dec 22)